Duplicate Advisory: OpenClaw vulnerable to arbitrary code execution via attacker-controlled setup-api.js loaded from cwd during env-key resolution

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-r39h-4c2p-3jxp. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.23 contains an arbitrary code execution vulnerability in the bundled plugin setup resolver tha...

CVE-2026-45004

OpenClaw vulnerable to arbitrary code execution prior to version 2026.4.23. The flaw is in the bundled plugin setup resolver, which loads setup-api.js from process.cwd() during provider setup metadata resolution. An attacker can place a malicious extensions//setup-api.js in a repository and cause...

CVE-2026-35461

Papra is a minimalistic document management and archiving platform. Prior to 26.4.0, the Papra webhook system allows authenticated users to register arbitrary URLs as webhook endpoints with no validation of the destination address. The server makes outbound HTTP POST requests to registered URLs,...

CVE-2026-34719

CVE-2026-34719 affects Zammad. The vulnerability is a server-side request forgery (SSRF) in the webhook model. Before 7.0.1 and 6.5.4, the webhook validation only checked the URL scheme and hostname, missing proper validation for loopback and link-local addresses, enabling potential access to con...

Zammad 代码问题漏洞

Zammad is a ticketing management software developed by the German company Zammad. Versions of Zammad prior to 7.0.1 and 6.5.4 contained code vulnerabilities. These vulnerabilities stemmed from the Webhook model’s lack of validation for loopback addresses, which could lead to the retrieval of...

CVE-2026-33992 pyLoad: Server-Side Request Forgery via Download Link Submission Enables Cloud Metadata Exfiltration

pyLoad is a free and open-source download manager written in Python. Prior to version 0.5.0b3.dev97, PyLoad's download engine accepts arbitrary URLs without validation, enabling Server-Side Request Forgery SSRF attacks. An authenticated attacker can exploit this to access internal network service...

PT-2026-28586

Name of the Vulnerable Software and Affected Versions pyLoad versions prior to 0.5.0b3.dev97 Description pyLoad's download engine accepts arbitrary URLs without validation, enabling Server-Side Request Forgery SSRF attacks. An authenticated attacker can exploit this to access internal network...

CVE-2026-33226

Budibase is a low code platform for creating internal tools, workflows, and admin panels. In versions from 3.30.6 and prior, the REST datasource query preview endpoint POST /api/queries/preview makes server-side HTTP requests to any URL supplied by the user in fields.path with no validation. An...

CVE-2025-67743 Local Deep Research is Vulnerable to Server-Side Request Forgery (SSRF) in Download Service

Local Deep Research is an AI-powered research assistant for deep, iterative research. In versions from 1.3.0 to before 1.3.9, the download service downloadservice.py makes HTTP requests using raw requests.get without utilizing the application's SSRF protection saferequests.py. This can allow...

Impact of Domain name or Hostname Change on Veeam Appliances

Challenge After changing the FQDN of a Veeam Appliance--either by adding it to a domain or changing its hostname--some operations may be impacted. Solution SAML Authentication May Stop Working After the host name of the Veeam Software Appliance is changed, the Service Provider SP information will...

EUVD-2021-27371

Malware in sbrugna...

CVE-2023-29010 BudiBase Server-Side Request Forgery vulnerability

Budibase is a low code platform for creating internal tools, workflows, and admin panels. Versions prior to 2.4.3 07 March 2023 are vulnerable to Server-Side Request Forgery. This can lead to an attacker gaining access to a Budibase AWS secret key. Users of Budibase cloud need to take no action...

CVE-2021-40186

The AppCheck research team identified a Server-Side Request Forgery SSRF vulnerability within the DNN CMS platform, formerly known as DotNetNuke. SSRF vulnerabilities allow the attacker to exploit the target system to make network requests on their behalf, allowing a range of possible attacks. In...

Server side request forgery (ssrf)

The AppCheck research team identified a Server-Side Request Forgery SSRF vulnerability within the DNN CMS platform, formerly known as DotNetNuke. SSRF vulnerabilities allow the attacker to exploit the target system to make network requests on their behalf, allowing a range of possible attacks. In...

CVE-2021-40186

The OpenVAS entry identifies a DNN CMS (DotNetNuke) SSRF vulnerability affecting DNN versions up to 9.11.2. The flaw enables an attacker to cause the server to perform network requests on its behalf, potentially reaching internal systems and other resources. The vulnerability is described as a se...

CVE-2021-40186 DNN CMS Server-Side Request Forgery (SSRF)

The AppCheck research team identified a Server-Side Request Forgery SSRF vulnerability within the DNN CMS platform, formerly known as DotNetNuke. SSRF vulnerabilities allow the attacker to exploit the target system to make network requests on their behalf, allowing a range of possible attacks. In...

GHSA-WPFR-6297-9V57 User object created with invalid provider data in GoTrue

Impact What kind of vulnerability is it? Who is impacted? Under certain circumstances a valid user object would have been created with invalid provider metadata. This vulnerability affects everyone running an instance of GoTrue as a service. We advise you to update especially if you are using the...

User object created with invalid provider data in GoTrue

Impact What kind of vulnerability is it? Who is impacted? Under certain circumstances a valid user object would have been created with invalid provider metadata. This vulnerability affects everyone running an instance of GoTrue as a service. We advise you to update especially if you are using the...

Qualys Cloud Platform 2.35 New Features

This release of the Qualys Cloud Platform version 2.35 includes updates and new features for AssetView, Cloud Agent, Security Assessment Questionnaire, and Web Application Scanning, highlights as follows. Note: this post has been edited after publishing to remove the Rule-Based Method to...