Lucene search
K

5 matches found

NVD
NVD
added 2026/04/28 7:37 p.m.4 views

CVE-2026-41408

OpenClaw before 2026.3.31 contains a resource exhaustion vulnerability in media downloads that bypasses core safety limits for file size, count, and cleanup operations. Attackers can exhaust disk space by downloading media files without triggering intended safety restrictions, causing availabilit...

6.5CVSS0.00343EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/28 6:10 p.m.3 views

CVE-2026-41408

OpenClaw before 2026.3.31 contains a resource exhaustion vulnerability in media downloads that bypasses core safety limits for file size, count, and cleanup operations. Attackers can exhaust disk space by downloading media files without triggering intended safety restrictions, causing availabilit...

4.3CVSS5.2AI score0.00343EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/28 6:10 p.m.3 views

CVE-2026-41408 OpenClaw < 2026.3.31 - Disk Exhaustion via Media Download Bypass

OpenClaw before 2026.3.31 contains a resource exhaustion vulnerability in media downloads that bypasses core safety limits for file size, count, and cleanup operations. Attackers can exhaust disk space by downloading media files without triggering intended safety restrictions, causing availabilit...

4.3CVSS5.2AI score0.00343EPSS
Exploits0References3
CVE
CVE
added 2026/04/28 6:10 p.m.11 views

CVE-2026-41408

CVE-2026-41408 concerns OpenClaw before 2026.3.31, where a resource-exhaustion flaw in media downloads bypasses safety limits for file size, count, and cleanup, enabling potential disk-space exhaustion and availability impact. The advisory notes this is an availability-risk issue (low to medium s...

6.5CVSS5.2AI score0.00343EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/24 10:16 p.m.3 views

GHSA-XW6W-9JJH-P9CR Scriban has Multiple Denial-of-Service Vectors via Unbounded Resource Consumption During Expression Evaluation

Summary Scriban's expression evaluation contains three distinct code paths that allow an attacker who can supply a template to cause denial of service through unbounded memory allocation or CPU exhaustion. The existing safety controls LimitToString, LoopLimit do not protect these paths, giving...

6.5CVSS6AI score
Exploits0References2
Rows per page
Query Builder