ClawKeeper: Comprehensive Safety Protection for OpenClaw Agents through Skills, Plugins, and Watchers

Whitepaper called ClawKeeper: Comprehensive Safety Protection For OpenClaw Agents Through Skills, Plugins, And Watchers...

Fedora 44 : containernetworking-plugins (2026-d6b4b4df31)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-d6b4b4df31 advisory. - Update to release v1.9.1 - Resolves: rhbz2448053, rhbz2423997, rhbz2424031 - Upstream fixes Tenable has extracted the preceding description block...

Fedora: Security Advisory (FEDORA-2026-7ed700921c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WordPress plugin Wolverine Framework 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. There is a...

WPProbe Plugin Enumeration Tool 0.11.2

A fast WordPress plugin and theme scanner that detects installed plugins via REST API enumeration and themes from HTML discovery, then maps them to known vulnerabilities. Over 5,000 plugins detectable without brute-force, thousands more with it...

at.ganzleicht.vaadin:vaadin-maven-plugin (>=9.1.1 <=9.1.3.2), au.com.acegi:xml-format-maven-plugin (>=4.0.1 <=4.1.0) +2006 more potentially affected by CVE-2025-67030 via org.codehaus.plexus:plexus-utils (>=4.0.0 <=4.0.2)

org.codehaus.plexus:plexus-utils MAVEN version =4.0.0, =9.1.1, =4.0.1, =0.0.1, =0.0.9, =0.4.0, =0.0.0, =1.9.2, =1.0.0-M5, =1.0.0-M6, =1.0.0-M1, =0.0.3, =0.0.3, =0.0.3, =0.0.3, =1.0.0-M10 and more Source cves: CVE-2025-67030 Source advisory: SNYK:JAVA-ORGCODEHAUSPLEXUS-15766699...

Fedora 43 : containernetworking-plugins (2026-8ee0451243)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-8ee0451243 advisory. - Update to release v1.9.1 - Resolves: rhbz2448053, rhbz2423997, rhbz2424031 - Upstream fixes Tenable has extracted the preceding description block...

Fedora 42 : containernetworking-plugins (2026-7ed700921c)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-7ed700921c advisory. Update to release v1.9.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

WordPress plugin WP Insightly for Contact Form 7、WPForms、Elementor、Formidable and Ninja Forms 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

africa.shuwari.sbt:sbt-js_2.12_1.0 (=0.16.1), africa.shuwari.sbt:sbt-netbeans_2.12_1.0 (>=0.1.0 <=0.1.1) +355 more potentially affected by CVE-2026-32948 via org.scala-sbt:main_2.12 (>=1.0.0-M5 <=1.12.6)

org.scala-sbt:main2.12 MAVEN version =1.0.0-M5, =0.1.0, =0.12.1, =0.12.1, =0.12.1, =0.12.1, =0.12.1, =0.12.1, =0.14.1, =0.12.1, =0.1.0, =0.0.1, =0.0.5 - br.com.mobilemind:livereload2.121.0 =0.2.10 and more Source cves: CVE-2026-32948 Source advisory: SNYK:JAVA-ORGSCALASBT-15763415...

Security update for gstreamer-plugins-ugly

This update for gstreamer-plugins-ugly fixes the following issues: CVE-2026-2920: GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability bsc1259367. CVE-2026-2922: GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability bsc1259370. Patch...

SUSE-SU-2026:0998-1 Security update for gstreamer-plugins-ugly

This update for gstreamer-plugins-ugly fixes the following issues: - CVE-2026-2920: GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability bsc1259367. - CVE-2026-2922: GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability bsc1259370...

CVE-2026-23483

Blinko CVE-2026-23483 affects the Blinko AI-powered card note-taking project. Versions 1.8.3 and earlier suffer a path traversal in the plugin file server endpoint: it concatenates paths with join() without validating that the final path remains inside the plugins directory. This could allow an a...

CVE-2026-33501

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the endpoint plugin/Permissions/View/Usersgroupspermissions/list.json.php lacks any authentication or authorization check, allowing unauthenticated users to retrieve the complete permission matrix mapping user...

ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +149 more potentially affected by CVE-2026-4633 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.4.7)

org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.0.1, =1.1.7 and more Source cves: CVE-2026-4633 Source advisory: OSV:GHSA-RHGQ-F8X5-J2JC...

ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +170 more potentially affected by CVE-2026-4628 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.6.0)

org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.0.0, =1.2.0 and more Source cves: CVE-2026-4628 Source advisory: OSV:GHSA-4PGC-GFRR-WCMGhttps://vulners.com/osv/OSV:GHSA-4PGC-GFRR-...

WordPress plugin Schema Shortcode 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

WordPress plugin WP Games Embed 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

WordPress plugin Content Syndication Toolkit 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2026-4505 eosphoros-ai DB-GPT FastAPI Endpoint controller.py module_plugin.refresh_plugins unrestricted upload

A vulnerability has been found in eosphoros-ai DB-GPT up to 0.7.5. This issue affects the function moduleplugin.refreshplugins of the file packages/dbgpt-serve/src/dbgptserve/agent/hub/controller.py of the component FastAPI Endpoint. Such manipulation leads to unrestricted upload. It is possible ...