
16989 matches found

NVD
added 2026/04/23 10:16 p.m. | 2 views

CVE-2026-41353

OpenClaw before 2026.3.22 contains an access control bypass vulnerability in the allowProfiles feature that allows attackers to circumvent profile restrictions through persistent profile mutation and runtime profile selection. Remote attackers can exploit this by manipulating browser proxy profil...

CVSS 8.1 | EPSS 0.00335
Exploits 0 | References 3
ATTACKERKB
added 2026/04/23 9:58 p.m. | 1 view

CVE-2026-41353

OpenClaw before 2026.3.22 contains an access control bypass vulnerability in the allowProfiles feature that allows attackers to circumvent profile restrictions through persistent profile mutation and runtime profile selection. Remote attackers can exploit this by manipulating browser proxy profil...

CVSS 8.1 | AI score 5.8 | EPSS 0.00335
Exploits 0 | References 4
CVE
added 2026/04/23 9:58 p.m. | 20 views

CVE-2026-41353

OpenClaw is vulnerable in versions before 2026.3.22 due to an access control bypass in the allowProfiles feature. The root cause is persistent profile mutation and runtime profile selection, enabling remote attackers to manipulate browser proxy profiles at runtime to access restricted profiles a...

CVSS 8.1 | AI score 5.8 | EPSS 0.00335
Exploits 0 | References 3 | Affected Software 1
Vulnrichment
added 2026/04/23 9:58 p.m. | 3 views

CVE-2026-41353 OpenClaw < 2026.3.22 - allowProfiles Bypass via Profile Mutation and Runtime Selection

OpenClaw before 2026.3.22 contains an access control bypass vulnerability in the allowProfiles feature that allows attackers to circumvent profile restrictions through persistent profile mutation and runtime profile selection. Remote attackers can exploit this by manipulating browser proxy profil...

CVSS 8.1 | AI score 5.3 | EPSS 0.00335
Exploits 0 | References 3
RedHat Linux
added 2026/04/23 9:39 p.m. | 4 views

golang: cmd/compile: no-op interface conversion bypasses overlap checking

A flaw was found in the cmd/compile package in the Go standard library. A no-op interface conversion prevented the compiler from correctly identifying non-overlapping memory moves. As a result, the compiler allows unsafe memory move operations to occur at runtime, potentially causing data...

CVSS 7.1 | AI score 5.8 | EPSS 0.00261
Exploits 0 | References 8
RedHat Linux
added 2026/04/23 4:10 p.m. | 12 views

Important: Red Hat Security Advisory: OpenJDK 21.0.11 Security Update for Windows Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...

CVSS 7.5 | AI score 7.2 | EPSS 0.00358
Exploits 0 | References 2
EUVD
added 2026/04/23 3:38 p.m. | 5 views

EUVD-2025-209565

An API design flaw in WebKitGTK and WPE WebKit allows untrusted web content to unexpectedly perform IP connections, DNS lookups, and HTTP requests. Applications expect to use the WebPage::send-request signal handler to approve or reject all network requests. However, certain types of HTTP request...

CVSS 4.7 | AI score 5.8 | EPSS 0.00233
Exploits 0 | References 4
NVD
added 2026/04/23 10:16 a.m. | 6 views

CVE-2026-3259

A Generation of Error Message Containing Sensitive Information vulnerability in the Materialized View Refresh mechanism in Google BigQuery on Google Cloud Platform allows an authenticated user to potentially disclose sensitive data using a crafted materialized view that triggers a runtime error...

CVSS 7.1 | EPSS 0.00226
Exploits 0 | References 1
ATTACKERKB
added 2026/04/23 8:35 a.m. | 3 views

CVE-2026-3259

A Generation of Error Message Containing Sensitive Information vulnerability in the Materialized View Refresh mechanism in Google BigQuery on Google Cloud Platform allows an authenticated user to potentially disclose sensitive data using a crafted materialized view that triggers a runtime error...

CVSS 7.1 | AI score 5.7 | EPSS 0.00226
Exploits 0 | References 2
RedHat Linux
added 2026/04/23 8:31 a.m. | 6 views

Important: Red Hat Security Advisory: .NET 8.0 security update

An update for .NET 8.0 is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

CVSS 7.5 | AI score 7.1 | EPSS 0.01373
Exploits 0 | References 2
OSV
added 2026/04/23 12:16 a.m. | 5 views

DEBIAN-CVE-2026-41176

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. The RC endpoint options/set is exposed without AuthRequired: true, but it can mutate global runtime configuration, including the RC option block itself. Starting in version 1.45.0 and pri...

CVSS 9.8 | AI score 5.4 | EPSS 0.34525
Exploits 1 | References 1
NVD
added 2026/04/23 12:16 a.m. | 3 views

CVE-2026-41176

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. The RC endpoint options/set is exposed without AuthRequired: true, but it can mutate global runtime configuration, including the RC option block itself. Starting in version 1.45.0 and pri...

CVSS 9.8 | EPSS 0.34525
Exploits 1 | References 3
CNNVD
added 2026/04/23 12:0 a.m. | 6 views

Google BigQuery Security Vulnerability

Google BigQuery is a cloud data warehouse service provided by Google Inc., designed for large-scale data analysis and high-performance query processing. There is a security vulnerability in Google BigQuery. This vulnerability stems from the materialized view refresh mechanism, which generates err...

CVSS 7.1 | AI score 5.8 | EPSS 0.00226
Exploits 0 | References 1
Positive Technologies
added 2026/04/23 12:0 a.m. | 7 views

PT-2026-34784

OpenClaw before 2026.3.22 contains an access control bypass vulnerability in the allowProfiles feature that allows attackers to circumvent profile restrictions through persistent profile mutation and runtime profile selection. Remote attackers can exploit this by manipulating browser proxy profil...

CVSS 8.1 | AI score 5.8 | EPSS 0.00335
Exploits 0 | References 5
CNNVD
added 2026/04/23 12:0 a.m. | 6 views

OpenClaw Security Vulnerability

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.22 contained security vulnerabilities. These vulnerabilities stemmed from an access control bypass vulnerability in the allowProfiles function. This allowed attackers to...

CVSS 8.1 | AI score 5.8 | EPSS 0.00335
Exploits 0 | References 1
Tenable Nessus
added 2026/04/23 12:0 a.m. | 6 views

RHEL 9 : .NET 8.0 (RHSA-2026:10084)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:10084 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation...

CVSS 7.5 | AI score 5.6 | EPSS 0.01373
Exploits 0 | References 4
Tenable Nessus
added 2026/04/23 12:0 a.m. | 4 views

RHEL 10 : .NET 8.0 (RHSA-2026:10091)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:10091 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation...

CVSS 7.5 | AI score 7.2 | EPSS 0.01373
Exploits 0 | References 4
AlpineLinux
added 2026/04/22 11:57 p.m. | 3 views

CVE-2026-41176

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. The RC endpoint options/set is exposed without AuthRequired: true, but it can mutate global runtime configuration, including the RC option block itself. Starting in version 1.45.0 and pri...

CVSS 9.8 | AI score 5.3 | EPSS 0.34525
Exploits 1 | References 3
Vulnrichment
added 2026/04/22 11:57 p.m. | 3 views

CVE-2026-41176 Rclone: Unauthenticated options/set allows runtime auth bypass, leading to sensitive operations and command execution

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. The RC endpoint options/set is exposed without AuthRequired: true, but it can mutate global runtime configuration, including the RC option block itself. Starting in version 1.45.0 and pri...

CVSS 9.2 | AI score 5.8 | EPSS 0.34525
Exploits 1 | References 3
ATTACKERKB
added 2026/04/22 11:57 p.m. | 5 views

CVE-2026-41176

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. The RC endpoint options/set is exposed without AuthRequired: true, but it can mutate global runtime configuration, including the RC option block itself. Starting in version 1.45.0 and pri...

CVSS 9.2 | AI score 5.8 | EPSS 0.34525
Exploits 1 | References 4 | Affected Software 1