
6 matches found

EUVD
added 5 hours ago, 11 views

EUVD-2026-36312

OpenClaw: Combined POSIX shell options could confuse exec revalidation...

8.8 CVSS, 5.8 AI score, 0.00419 EPSS
Exploits 0, References 3
NVD
added 2026/06/11 9:16 p.m., 11 views

CVE-2026-53806

OpenClaw before 2026.5.12 contains a shell option parsing vulnerability that allows combined POSIX shell flags to bypass exec revalidation checks. Attackers can exploit this by using combined shell options to execute inline shell content without intended allowlist validation, potentially enabling...

8.8 CVSS, 0.00419 EPSS
Exploits 0, References 2
CNNVD
added 2026/06/11 12:00 a.m., 14 views

OpenClaw security vulnerability

OpenClaw is an open-source artificial intelligence assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.5.12 contained security vulnerabilities. These vulnerabilities stemmed from shell option parsing; combining POSIX shell flags could bypass the exec revalidation check. Attackers c...

8.8 CVSS, 5.3 AI score, 0.00419 EPSS
Exploits 0, References 1
GitHub Security Blog
added 2026/05/07 10:32 p.m., 13 views

utcp-http vulnerable to SSRF via attacker-controlled OpenAPI servers[0].url in HTTP communication protocol

Summary: The utcp-http plugin is vulnerable to a blind Server-Side Request Forgery (SSRF) caused by a trust-boundary inconsistency between manual discovery and tool invocation. registermanual validates the discovery URL against an HTTPS / loopback allowlist, but calltool and calltoolstreaming reuse...

4.7 CVSS, 5.9 AI score, 0.00168 EPSS
Exploits 0, References 3, Affected Software 1
ATTACKERKB
added 2021/05/07 11:15 a.m., 2 views

CVE-2020-36125

Pax Technology PAXSTORE v7.0.820200511171508 and lower is affected by incorrect access control where password revalidation in sensitive operations can be bypassed remotely by an authenticated attacker through requesting the endpoint directly...

7.1 CVSS, 5.4 AI score, 0.00939 EPSS
Exploits 1, References 4
Cvelist
added 2021/05/07 10:35 a.m., 12 views

CVE-2020-36125

Pax Technology PAXSTORE v7.0.820200511171508 and lower is affected by incorrect access control where password revalidation in sensitive operations can be bypassed remotely by an authenticated attacker through requesting the endpoint directly...

7 AI score, 0.00939 EPSS
Exploits 1, References 3