Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Vulnrichment
Vulnrichmentadded 2026/04/28 6:9 p.m.1 views

CVE-2026-41383 OpenClaw < 2026.4.2 - Arbitrary Remote Directory Deletion via Mis-scoped Mirror Mode Paths

OpenClaw before 2026.4.2 contains an arbitrary directory deletion vulnerability in mirror mode that allows attackers to delete remote directories by influencing remoteWorkspaceDir and remoteAgentWorkspaceDir configuration values. Attackers can manipulate these OpenShell config paths to cause mirr...

8.1CVSS5.7AI score0.00058EPSS
Exploits0References3
Github Security Blog
Github Security Blogadded 2026/04/07 6:14 p.m.4 views

OpenClaw: OpenShell mirror mode could delete arbitrary remote directories when roots were mis-scoped

Summary Before OpenClaw 2026.4.2, the OpenShell mirror backend accepted arbitrary absolute remoteWorkspaceDir and remoteAgentWorkspaceDir values. In mirror mode, those paths were then used as the target of remote cleanup and overwrite operations. Impact If an attacker could influence those...

8.1CVSS6.1AI score0.00058EPSS
Exploits0References3Affected Software1
EUVD
EUVDadded 2026/04/01 9:26 p.m.2 views

EUVD-2026-18039

AIOHTTP affected by UNC SSRF/NTLMv2 Credential Theft/Local File Read in static resource handler on Windows...

8.7CVSS5.9AI score0.00021EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/04/01 3:29 p.m.16 views

CVE-2026-34510 OpenClaw < 2026.3.22 - Remote File URL Acceptance in Windows Media Loaders

OpenClaw before 2026.3.22 contains a path traversal vulnerability in Windows media loaders that accepts remote-host file URLs and UNC-style paths before local-path validation. Attackers can exploit this by providing network-hosted file targets that are treated as local content, bypassing intended...

6.9CVSS0.00065EPSS
Exploits0References5
Amazon
Amazonadded 2024/07/10 12:0 a.m.2 views

Important: firefox

Issue Overview: RESERVED NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-30/CVE-2022-2205 CVE-2022-2205 An attacker could have injected CSS into stylesheets accessible via internal URIs, such as resource:, and in doing so bypass a page's Content Security Policy. This vulnerabilit...

9.8CVSS9.7AI score0.01765EPSS
Exploits1
Kitploit
Kitploitadded 2024/01/31 11:30 a.m.11 views

Stompy - Timestomp Tool To Flatten MAC Times With A Specific Timestamp

A PowerShell function to perform timestomping on specified files and directories. The function can modify timestamps recursively for all files in a directory. Change timestamps for individual files or directories. Recursively apply timestamps to all files in a directory. Option to use specific...

7.4AI score
Exploits0References6
Metasploit
Metasploitadded 2013/10/22 8:31 p.m.26 views

SMB File Delete Utility

This module deletes a file from a target share and path. The usual reason to use this module is to work around limitations in an existing SMB client that may not be able to take advantage of pass-the-hash style authentication. This module requires Metasploit: https://metasploit.com/download Curre...

7.1AI score
Exploits0
Rows per page
Query Builder