Lucene search
K

2082 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/31 2:10 p.m.3 views

CVE-2026-34503

OpenClaw before 2026.3.28 fails to disconnect active WebSocket sessions when devices are removed or tokens are revoked. Attackers with revoked credentials can maintain unauthorized access through existing live sessions until forced reconnection...

8.6CVSS5.9AI score0.00332EPSS
Exploits0References4
CVE
CVE
added 2026/03/31 2:10 p.m.13 views

CVE-2026-34503

OpenClaw (vulnerable: before 2026.3.28) fails to terminate active WebSocket sessions when devices are removed or tokens are revoked, enabling persistence of access for revoked credentials through existing live sessions until forced reconnection. This impacts OpenClaw deployments using the affecte...

8.6CVSS5.9AI score0.00332EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.5 views

PT-2026-29265

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.28 Description The software does not disconnect active WebSocket sessions when devices are removed or tokens are revoked. This allows attackers with revoked credentials to maintain unauthorized access through...

8.6CVSS5.9AI score0.00332EPSS
Exploits0References8
Snyk
Snyk
added 2026/03/30 10:36 p.m.3 views

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the OCSP response validation process. An attacker can bypass certificate revocation checks by providing a forged OCSP response, potentially enabling man-in-the-middle attacks...

8.2CVSS5.9AI score0.00154EPSS
Exploits0References2
CVE
CVE
added 2026/03/30 8:36 p.m.18 views

CVE-2026-32883

CVE-2026-32883 affects the Botan C++ cryptography library. From version 3.0.0 through before 3.11.0, during X509 path validation, OCSP responses were checked for a valid status but the OCSP response signature itself was not verified, enabling a potential Man‑in‑the‑Middle in certificate revocatio...

5.9CVSS5.8AI score0.00154EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/03/30 8:36 p.m.19 views

CVE-2026-32883 Botan: Missing OCSP Response Signature Verification Allows MitM Certificate Revocation Bypass

Botan is a C++ cryptography library. From version 3.0.0 to before version 3.11.0, during X509 path validation, OCSP responses were checked for an appropriate status code, but critically omitted verifying the signature of the OCSP response itself. This issue has been patched in version 3.11.0...

5.9CVSS0.00154EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/30 8:36 p.m.4 views

CVE-2026-32883 Botan: Missing OCSP Response Signature Verification Allows MitM Certificate Revocation Bypass

Botan is a C++ cryptography library. From version 3.0.0 to before version 3.11.0, during X509 path validation, OCSP responses were checked for an appropriate status code, but critically omitted verifying the signature of the OCSP response itself. This issue has been patched in version 3.11.0...

5.9CVSS5.8AI score0.00154EPSS
Exploits0References1
OSV
OSV
added 2026/03/30 8:36 p.m.3 views

CVE-2026-32883 Botan: Missing OCSP Response Signature Verification Allows MitM Certificate Revocation Bypass

Botan is a C++ cryptography library. From version 3.0.0 to before version 3.11.0, during X509 path validation, OCSP responses were checked for an appropriate status code, but critically omitted verifying the signature of the OCSP response itself. This issue has been patched in version 3.11.0...

5.9CVSS5.8AI score0.00154EPSS
Exploits0References3
OSV
OSV
added 2026/03/30 8:13 a.m.3 views

OPENSUSE-SU-2026:20444-1 Security update for tomcat10

This update for tomcat10 fixes the following issues: Update to Tomcat 10.1.52: - CVE-2025-55752: directory traversal via rewrite with possible RCE if PUT is enabled bsc1252753. - CVE-2025-55754: Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat bsc125290...

9.6CVSS6.8AI score0.66535EPSS
Exploits4References13
OSV
OSV
added 2026/03/27 7:11 a.m.5 views

BIT-DISCOURSE-2026-33424 PM access granted through invites after access revocation

Discourse is an open-source discussion platform. Prior to versions 2026.3.0, 2026.2.1, and 2026.1.2, an attacker can grant access to a private message topic through invites even after they lose access to that PM. Versions 2026.3.0, 2026.2.1, and 2026.1.2 contain a patch. No known workarounds are...

5.9CVSS5.9AI score0.00217EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/03/27 12:0 a.m.5 views

Clawed and Dangerous: Can We Trust Open Agentic Systems?

Open agentic systems combine LLM-based planning with external capabilities, persistent memory, and privileged execution. They are used in coding assistants, browser copilots, and enterprise automation. OpenClaw is a visible instance of this broader class. Without much attention yet, their securit...

6.1AI score
Exploits0
OSV
OSV
added 2026/03/26 9:30 p.m.7 views

GHSA-PW7H-9G6P-C378 OpenClaw: Tlon settings empty-allowlist reconciliation bypassed intended revocation

Summary Tlon settings reconciliation treated explicit empty allowlists as unset, which could silently undo an intended deny-all revocation. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.3.22 - Latest released tag checked: v2026.3.23-2...

2.3CVSS5.8AI score0.00278EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/26 9:30 p.m.7 views

OpenClaw: Tlon settings empty-allowlist reconciliation bypassed intended revocation

Summary Tlon settings reconciliation treated explicit empty allowlists as unset, which could silently undo an intended deny-all revocation. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.3.22 - Latest released tag checked: v2026.3.23-2...

6.5CVSS5.8AI score0.00278EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 3:18 p.m.4 views

CVE-2026-3237

In affected versions of Octopus Server it was possible for a low privileged user to manipulate an API request to change the signing key expiration and revocation time frames via an API endpoint that had incorrect permission validation. It was not possible to expose the signing keys using this...

2.3CVSS5.8AI score0.00152EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:3 p.m.5 views

CVE-2026-3548

Two buffer overflow vulnerabilities existed in the wolfSSL CRL parser when parsing CRL numbers: a heap-based buffer overflow could occur when improperly storing the CRL number as a hexadecimal string, and a stack-based overflow for sufficiently sized CRL numbers. With appropriately crafted CRLs,...

9.2CVSS6.1AI score0.00471EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.8 views

EVerest 安全漏洞

EVerest is an open-source firmware for electric vehicle charging stations developed by EVerest. Versions of EVerest prior to 2026.02.0 contained security vulnerabilities. These vulnerabilities stemmed from issues with the WithdrawAuthorization function processing events before TransactionStarted,...

6.5CVSS5.8AI score0.00288EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/03/25 4:52 p.m.17 views

tomcat: Apache Tomcat: Certificate revocation bypass due to improper OCSP response validation

A flaw was found in Apache Tomcat. When an Online Certificate Status Protocol OCSP responder is used, the Tomcat Native component, and Tomcat's FFM port of the Tomcat Native code, does not properly verify or check the freshness of the OCSP response. This improper input validation vulnerability...

7.5CVSS5.7AI score0.00498EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/03/25 4:52 p.m.12 views

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 6.2.1 release and security update

Red Hat JBoss Web Server 6.2.1 is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives ...

7.5CVSS5.8AI score0.00498EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/03/25 4:44 p.m.7 views

tomcat: Apache Tomcat: Certificate revocation bypass due to improper OCSP response validation

A flaw was found in Apache Tomcat. When an Online Certificate Status Protocol OCSP responder is used, the Tomcat Native component, and Tomcat's FFM port of the Tomcat Native code, does not properly verify or check the freshness of the OCSP response. This improper input validation vulnerability...

7.5CVSS5.7AI score0.00498EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/03/25 4:44 p.m.8 views

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 6.2.1 release and security update

Red Hat JBoss Web Server 6.2.1 zip release is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 10, and Windows Server. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...

7.5CVSS5.8AI score0.00498EPSS
Exploits0References3
Rows per page
Query Builder