Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/05/29 3:11 p.m.40 views

CVE-2026-35673 OpenClaw < 2026.4.29 - SSRF Policy Bypass via Browser Debug/Export Routes

OpenClaw before 2026.4.29 contains an SSRF policy bypass vulnerability in browser debug and export routes that allows reuse of already-open blocked tabs. Attackers with access to these routes can bypass private-network SSRF policies by reusing blocked tabs to export or inspect content that should...

6.5CVSS0.00155EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/19 3:30 a.m.9 views

Duplicate Advisory: web_search citation redirect SSRF via private-network-allowing policy

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-g99v-8hwm-g76g. This link is maintained to preserve external references. Original Description OpenClaw versions prior to 2026.3.1 contain a server-side request forgery vulnerability in websearch citation redirec...

7.4CVSS5.7AI score0.00184EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/03/19 3:30 a.m.5 views

EUVD-2026-13017

OpenClaw versions prior to 2026.3.1 contain a server-side request forgery vulnerability in websearch citation redirect resolution that uses a private-network-allowing SSRF policy. An attacker who can influence citation redirect targets can trigger internal-network requests from the OpenClaw host ...

7.4CVSS5.8AI score0.00184EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.11 views

PT-2026-7281

Name of the Vulnerable Software and Affected Versions Fortinet FortiOS versions 7.6.0 through 7.6.4 Description An authentication bypass issue exists in Fortinet FortiOS. This flaw may allow an unauthenticated attacker to bypass LDAP authentication for Agentless VPN or Fortinet Single Sign-On FSS...

8.1CVSS5.6AI score0.00698EPSS
Exploits1References13
Rows per page
Query Builder