46 matches found
CVE-2026-33575
OpenClaw prior to 2026.3.12 embeds long‑lived shared gateway credentials directly in pairing setup codes generated by /pair and in the OpenClaw QR command. If attackers access leaked setup codes from chat history, logs, or screenshots, they can recover and reuse the shared credential outside the ...
CVE-2026-33473
Vikunja (Vikunja) TOTP reuse flaw: 2FA TOTPs can be accepted for multiple sessions if the same timestamped code is reused within the 30‑second window. Root cause is in the TOTP validation path (ValidateTOTPPasscode) which fetches the user’s TOTP secret and validates the provided code, allowing re...
CVE-2026-33473 Vikunja has TOTP Reuse During Validity Window
Vikunja is an open-source self-hosted task management platform. Starting in version 0.13 and prior to version 2.2.1, any user that has enabled 2FA can have their TOTP reused during the standard 30 second validity window. Version 2.2.1 patches the issue...
CVE-2025-62717
Emlog is an open source website building system. In version 2.5.23, Emlog Pro is vulnerable to a session verification code error due to a clearing logic error. This means the verification code could be reused anywhere an email verification code is required. This issue has been fixed in commit...
EUVD-2025-29257
Malicious code in bioql PyPI...
Apache Tomcat Security Vulnerability
Apache Tomcat is a lightweight web application server from the American Apache Foundation. The program implements support for Servlets and JavaServer Pages (JSP). A security vulnerability exists in Apache Tomcat that stems from the presence of an incorrect object recovery and reuse...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a use-after-free vulnerability in the ipv6 component...
Reuse Vulnerability After Release in Various Mozilla Products
Mozilla Firefox and others are products of the Mozilla Foundation in the U.S.A. Mozilla Firefox is an open source web browser. Mozilla Firefox ESR is an extended support version of the Firefox web browser. Mozilla Thunderbird is a suite of e-mail client software separate from the Mozilla Application...
Google Chrome Security Vulnerability
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a use-after-free vulnerability, which an attacker can use to potentially exploit heap corruption via specific UI gestures...
CVE-2024-5995
The notification emails sent by Soar Cloud HR Portal contain a link with an embedded session. The expiration of the session is not properly configured, remaining valid for more than 7 days and can be reused...
Google Chrome post-release reuse vulnerability (CNVD-2025-20476)
Google Chrome is a free web browser developed by Google, Inc. It is the world's highest market share browser with its fast, secure and simple features, multi-platform support and built-in privacy protection. Google Chrome suffers from a use-after-free vulnerability for which no detailed...
Google Chrome Security Vulnerability
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a use-after-free vulnerability that can be exploited by an attacker to execute arbitrary code on a system...
Google Chrome Security Vulnerability
Google Chrome is a web browser from Google, Inc., USA. A security vulnerability exists in Google Chrome versions prior to 123.0.6312.105, which stems from the presence of a use-after-free vulnerability...
Adobe Premiere Pro Post-Release Reuse Vulnerability
Adobe Premiere Pro is non-linear video editing software from the American company Adobe. Adobe Premiere Pro suffers from a use-after-free vulnerability that can be exploited by an attacker to execute code in the context of the current user...
Adobe Acrobat Reader post-release reuse vulnerability (CNVD-2023-71755)
Adobe Acrobat Reader is a PDF viewer from the American company Adobe. The software is used to print, sign and annotate PDFs. Adobe Acrobat Reader has a use-after-free vulnerability that can be exploited by an attacker to cause a sensitive memory leak...
Adobe Acrobat Reader post-release reuse vulnerability (CNVD-2023-71757)
Adobe Acrobat Reader is a PDF viewer from the American company Adobe. The software is used to print, sign and annotate PDFs. Adobe Acrobat Reader has a use-after-free vulnerability that can be exploited by an attacker to bypass ASLR and cause a sensitive memory leak...
Adobe Dimension Post-Release Reuse Vulnerability
Adobe Dimension is a 3D design tool that is very easy for designers to use while providing high quality visuals. To create realistic objects, Adobe Dimension uses materials defined in the NVidia Material Design Language. Adobe Dimension has a use-after-free vulnerability in version 3.4.9 and...
Linux kernel Resource Management Error Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the presence of a use-after-free vulnerability that can lead to local elevation of privilege...
Authentication flaw
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse of OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocol...
Apple iOS and iPadOS Post-release Reuse Vulnerability
iOS is a mobile operating system developed by Apple. iPadOS is a family of mobile operating systems developed by Apple based on iOS. Apple iOS and iPadOS versions prior to 14.6 have a use-after-free vulnerability that arises when handling email messages in the Mail...