Lucene search
K

4 matches found

EUVD
EUVD
added 2026/06/23 6:10 p.m.6 views

EUVD-2026-38565

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. From 0.101.0 until 0.184.0, sandbox previews that were switched from public to private could remain reachable without authentication for a short period after the change, due to a cached...

7CVSS6.3AI score0.00249EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/07 1:43 a.m.6 views

CVE-2026-28479

OpenClaw versions prior to 2026.2.15 use SHA-1 to hash sandbox identifier cache keys for Docker and browser sandbox configurations, which is deprecated and vulnerable to collision attacks. An attacker can exploit SHA-1 collisions to cause cache poisoning, allowing one sandbox configuration to be...

9.1CVSS5.7AI score0.00179EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/05 9:59 p.m.7 views

EUVD-2026-9925

OpenClaw versions prior to 2026.2.15 use SHA-1 to hash sandbox identifier cache keys for Docker and browser sandbox configurations, which is deprecated and vulnerable to collision attacks. An attacker can exploit SHA-1 collisions to cause cache poisoning, allowing one sandbox configuration to be...

8.7CVSS5.9AI score0.00179EPSS
Exploits0References3
Snyk
Snyk
added 2026/02/19 7:41 p.m.6 views

Use of Weak Hash

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Use of Weak Hash due to the use of SHA-1 in the process that generates sandbox identifier cache keys for Docker or browser sandbox configuration. An attacker can cause one configuration t...

9.1CVSS5.6AI score0.00179EPSS
Exploits0References2
Rows per page
Query Builder