Lucene search
K

4 matches found

EUVD
EUVD
added 2026/06/22 9:4 p.m.7 views

EUVD-2026-38364

Cap-go before 12.128.2 contains multiple SQL injection vulnerabilities in cloudflare.ts where user-controlled values from API request bodies are interpolated directly into SQL query strings without sanitization or parameterization. Authenticated users with read-level API key permissions can injec...

7.1CVSS6AI score0.00276EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/22 9:4 p.m.19 views

CVE-2026-56221 Cap-go - SQL Injection in Cloudflare Analytics Engine Queries via cloudflare.ts

Cap-go before 12.128.2 contains multiple SQL injection vulnerabilities in cloudflare.ts where user-controlled values from API request bodies are interpolated directly into SQL query strings without sanitization or parameterization. Authenticated users with read-level API key permissions can injec...

7.1CVSS0.00276EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/17 9:43 p.m.5 views

Insufficiently Protected Credentials

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Insufficiently Protected Credentials via the skills.status function. An attacker can access sensitive configuration secrets by invoking this function with read-level privileges, which...

5.3CVSS5.7AI score0.00303EPSS
Exploits0References2
Prion
Prion
added 2023/06/01 1:15 p.m.17 views

Privilege escalation

An Improper Privilege Management vulnerability in SUSE Rancher allowed standard users to leverage their existing permissions to manipulate Kubernetes secrets in the local cluster, resulting in the secret being deleted, but their read-level permissions to the secret being preserved. When this...

5.2CVSS7.6AI score0.00715EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder