Lucene search
K

14 matches found

CVE
CVE
added 2026/05/19 5:22 p.m.23 views

CVE-2026-32134

CVE-2026-32134 affects NanoMQ subinfol is freed/NULL’d before restoration, and the transport iterates it without NULL checks. It is fixed in version 0.24.11; upgrade to that release or later to mitigate. No exploitation details are provided in the available documents.

5.9CVSS5.7AI score0.00401EPSS
Exploits0References4
NVD
NVD
added 2026/04/09 10:16 p.m.4 views

CVE-2026-35625

OpenClaw before 2026.3.25 contains a privilege escalation vulnerability where silent local shared-auth reconnects auto-approve scope-upgrade requests, widening paired device permissions from operator.read to operator.admin. Attackers can exploit this by triggering local reconnection to silently...

8.5CVSS0.00192EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/09 9:26 p.m.22 views

CVE-2026-35625 OpenClaw < 2026.3.25 - Privilege Escalation via Silent Local Shared-Auth Reconnect

OpenClaw before 2026.3.25 contains a privilege escalation vulnerability where silent local shared-auth reconnects auto-approve scope-upgrade requests, widening paired device permissions from operator.read to operator.admin. Attackers can exploit this by triggering local reconnection to silently...

8.5CVSS0.00192EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/27 10:29 p.m.3 views

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization via the gateway shared-auth reconnect process. An attacker can gain elevated privileges and execute arbitrary code by exploiting the auto-approval of scope-upgrade...

9.4CVSS6.2AI score0.00192EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/04 9:55 p.m.21 views

CVE-2026-22040 NanoMQ 0.24.6 Use-After-Free Leading to Heap Corruption and Broker Crash

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In version 0.24.6, by generating a combined traffic pattern of high-frequency publishes and rapid reconnect/kick-out using the same ClientID and massive subscribe/unsubscribe jitter, it is possible to reliably trigger heap memory...

5.3CVSS0.00222EPSS
Exploits1References1
CVE
CVE
added 2026/03/04 9:55 p.m.17 views

CVE-2026-22040

The vulnerability CVE-2026-22040 affects NanoMQ (NanoMQ) Broker version 0.24.6. A crafted traffic pattern—high-frequency publishes with rapid reconnect/kick-out using the same ClientID and massive subscribe/unsubscribe jitter—can reliably trigger a heap memory corruption in the Broker process, ca...

5.3CVSS5.9AI score0.00222EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.5 views

PT-2026-23067

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In version 0.24.6, by generating a combined traffic pattern of high-frequency publishes and rapid reconnect/kick-out using the same ClientID and massive subscribe/unsubscribe jitter, it is possible to reliably trigger heap memory...

5.3CVSS5.9AI score0.00222EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2025/02/01 3:47 a.m.3 views

SUSE CVE-2025-21673

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix double free of TCPServerInfo::hostname When shutting down the server in cifsputtcpsession, cifsd thread might be reconnecting to multiple DFS targets before it realizes it should exit the loop, so @server-hostnam...

6.3CVSS8.1AI score0.002EPSS
Exploits0References14
OSV
OSV
added 2023/10/22 11:15 p.m.1 views

UBUNTU-CVE-2023-46317

Knot Resolver before 5.7.0 performs many TCP reconnections upon receiving certain nonsensical responses from servers...

7.5CVSS5.8AI score0.00641EPSS
Exploits0References4
Fedora
Fedora
added 2021/11/13 1:14 a.m.18 views

[SECURITY] Fedora 34 Update: et-6.1.9-1.fc34

Eternal Terminal ET is a remote shell that automatically reconnects without interrupting the session...

7.4AI score
Exploits0
OSV
OSV
added 2021/09/07 7:15 a.m.4 views

UBUNTU-CVE-2021-34147

The Bluetooth Classic implementation in the Cypress WICED BT stack through 2.9.0 for CYW20735B1 does not properly handle the reception of a malformed LMP timing accuracy response followed by multiple reconnections to the link slave, allowing attackers to exhaust device BT resources and eventually...

6.5CVSS6.6AI score0.00562EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2021/01/25 4:30 p.m.3 views

wildfly-core: memory leak in WildFly host-controller in domain mode while not able to reconnect to domain-controller

A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where the host-controller tries to reconnect in a loop, generating new connections that are not properly closed while unable to connect to the domain controller. This flaw allows an attacker to cause an Out of memory OOM...

6.8CVSS5.7AI score0.01469EPSS
Exploits1References4
0day.today
0day.today
added 2017/05/09 12:0 a.m.42 views

Linux/x86-64 - Reverse Shell Shellcode (IPv6) (113 bytes)

BITS 64 ; reverse ip6 tcp shell ; size = 113 bytes depends of ip addr, default is ::1 ; nullbytes free depends only on ip addr, ; you could always and the ip add to remove ; the nulls like i did with the port ; it sleeps and then tries to recconect default 3 seconds ; ;shell =...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2017/01/21 2:7 p.m.661 views

chisel - A fast TCP tunnel over HTTP

Chisel is a fast TCP tunnel, transported over HTTP. Single executable including both client and server. Written in Go Golang. Chisel is mainly useful for passing through firewalls, though it can also be used to provide a secure endpoint into your network. Chisel is very similar to crowbar though...

7.5AI score
Exploits0References5
Rows per page
Query Builder