CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNVD•added 2026/03/24 12:0 a.m.•0 views

OpenClaw Metadata Spoofing Vulnerability

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a metadata forgery vulnerability that stems from client-submitted reconnect platform and device family fields not being bound to a device authentication signature. An attacker could use this...

8.6CVSS5.9AI score0.0019EPSS

OSV•added 2026/03/19 10:16 p.m.•2 views

CVE-2026-32014

OpenClaw versions prior to 2026.2.26 contain a metadata spoofing vulnerability where reconnect platform and deviceFamily fields are accepted from the client without being bound into the device-auth signature. An attacker with a paired node identity on the trusted network can spoof reconnect...

8CVSS5.9AI score

NVD•added 2026/03/19 10:16 p.m.•2 views

CVE-2026-32014

8.6CVSS0.0019EPSS

ATTACKERKB•added 2026/03/19 10:6 p.m.•1 views

CVE-2026-32014

Cvelist•added 2026/03/19 10:6 p.m.•15 views

Exploits0References4

CVE-2026-32014 OpenClaw < 2026.2.26 - Node Reconnect Metadata Spoofing via Unsigned Platform Fields

8.6CVSS0.0019EPSS

CVE•added 2026/03/19 10:6 p.m.•8 views

CVE-2026-32014

OpenClaw is affected in versions prior to 2026.2.26. The vulnerability is a metadata spoofing flaw where reconnect platform and deviceFamily fields are accepted from the client without being bound into the device-auth signature. An attacker with a paired node identity on a trusted network can spo...

Exploits0References3Affected Software1

EUVD•added 2026/03/19 10:6 p.m.•3 views

EUVD-2026-13277

CNNVD•added 2026/03/19 12:0 a.m.•5 views

OpenClaw 安全漏洞

RedhatCVE•added 2025/05/23 2:3 a.m.•3 views

CVE-2023-6482

Use of encryption key derived from static information in Synaptics Fingerprint Driver allows an attacker to set up a TLS session with the fingerprint sensor and send restricted commands to the fingerprint sensor. This may allow an attacker, who has physical access to the sensor, to enroll a...

5.2CVSS6.6AI score0.00132EPSS

Exploits0

CVE•added 2024/10/14 8:20 a.m.•43 views

CVE-2024-9139

CVE-2024-9139 relates to an OS command injection in MOXA devices (notably MOXA EDR-8010, EDR-G9004, EDR-G9010, EDF-G1002-BP, NAT-102, G4302-LTE4, TN-4900 among others). The root cause is failure to neutralize special elements in restricted commands, enabling a remote attacker to execute arbitrary...

8.6CVSS7.5AI score0.01385EPSS

OSV•added 2024/09/25 12:15 p.m.•2 views

CVE-2024-6593

Incorrect Authorization vulnerability in WatchGuard Authentication Gateway aka Single Sign-On Agent on Windows allows an attacker with network access to execute restricted management commands. This issue affects Authentication Gateway: through 12.10.2...

9.1CVSS5.9AI score0.00529EPSS

RedhatCVE•added 2024/02/21 3:2 p.m.•79 views

CVE-2023-3976

A flaw was found in /etc/sudoers in Red Hat OpenStack. As a result of this misconfiguration in the sudoers file, the application is allowed to run restricted commands with root privileges. This issue could allow a local authenticated attacker to gain elevated privileges on the system. This flaw i...

8.8CVSS7.6AI score0.00211EPSS

OSV•added 2024/01/27 1:15 a.m.•2 views

CVE-2023-6482

5.2CVSS5.8AI score0.00132EPSS

NVD•added 2024/01/27 1:15 a.m.•19 views

CVE-2023-6482

5.2CVSS5.1AI score0.00132EPSS

Prion•added 2024/01/27 1:15 a.m.•14 views

Design/Logic Flaw

3.6CVSS6.8AI score0.00132EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2024/01/27 12:19 a.m.•11 views

CVE-2023-6482 Encryption key derived from static host information

5.2CVSS6.8AI score0.00132EPSS

CNNVD•added 2023/07/27 12:0 a.m.•3 views

Red Hat Ansible automation controller 安全漏洞

Red Hat Ansible automation controller is a centralized management tool from Red Hat, Inc. It is used to manage inventory, initiate and schedule workflows, track changes, and integrate reporting with a centralized user interface. A security vulnerability exists in Red Hat Ansible automation...

8AI score

Positive Technologies•added 2023/06/26 12:0 a.m.•3 views

PT-2023-22482 · Fpc +1 · Fpc +1

Name of the Vulnerable Software and Affected Versions: SMM versions 1 and 2 FPC affected versions not specified Description: A valid, authenticated user with limited privileges may be able to use specifically crafted web management server API calls to execute a limited number of commands that the...

6.3CVSS6.4AI score0.00242EPSS