Lucene search
K

4 matches found

Cvelist
Cvelist
added yesterday9 views

CVE-2026-59955 Apollo ConfigService access key authentication bypass via raw config file appId parsing

Apollo is a reliable configuration management system suitable for microservice configuration management scenarios. Prior to 2.5.2, Apollo ConfigService may allow unauthorized access to raw configuration data when AccessKey or management key authentication is enabled because requests under...

7.5CVSS
Exploits0References3
Positive Technologies
Positive Technologies
added 3 days ago4 views

PT-2026-60110

Summary Apollo ConfigService may allow unauthorized access to raw configuration data when AccessKey / management key authentication is enabled because authentication parsed the appId incorrectly for the raw config file endpoint. Details Requests under /configfiles/raw/appId/clusterName/namespace...

7.5CVSS6.1AI score
Exploits0References6
NVD
NVD
added 2026/02/19 11:16 p.m.9 views

CVE-2026-26326

OpenClaw is a personal AI assistant. Prior to version 2026.2.14, skills.status could disclose secrets to operator.read clients by returning raw resolved config values in configChecks for skill requires.config paths. Version 2026.2.14 stops including raw resolved config values in requirement check...

5.3CVSS0.00303EPSS
Exploits0References4
OSV
OSV
added 2026/02/17 9:43 p.m.5 views

GHSA-8MH7-PHF8-XGFM OpenClaw skills.status could leak secrets to operator.read clients

Summary skills.status could disclose secrets to operator.read clients by returning raw resolved config values in configChecks for skill requires.config paths. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.2.14...

5.3CVSS5.6AI score0.00303EPSS
Exploits0References6
Rows per page
Query Builder