Lucene search
K

2610 matches found

Github Security Blog
Github Security Blog
added 2026/03/13 3:48 p.m.7 views

OpenClaw: Write-scoped callers could reach admin-only session reset logic through `agent`

Summary In affected versions of openclaw, a gateway caller with operator.write could issue agent requests containing /new or /reset and reach the same reset path used by the admin-only sessions.reset RPC. Impact On gateways where a caller is intentionally granted operator.write but not...

5.8AI score
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/13 3:47 p.m.3 views

GHSA-8JHH-JCQG-MJ5P OpenClaw: Channel commands could bypass account-scoped `configWrites` restrictions

Summary In affected versions of openclaw, channel-initiated config mutations were authorized against the originating account's configWrites policy but did not consistently re-check the targeted account scope. An authorized sender on one account could mutate protected sibling-account configuration...

6.5CVSS5.9AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/13 3:47 p.m.5 views

OpenClaw: Channel commands could bypass account-scoped `configWrites` restrictions

Summary In affected versions of openclaw, channel-initiated config mutations were authorized against the originating account's configWrites policy but did not consistently re-check the targeted account scope. An authorized sender on one account could mutate protected sibling-account configuration...

5.9AI score
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/13 3:47 p.m.4 views

GHSA-4W7M-58CG-CMFF OpenClaw: Leaf subagents could steer sibling sessions across sandbox boundaries

Summary In affected versions of openclaw, sandboxed leaf subagents could still access the subagents control surface and resolve against the parent requester scope instead of remaining confined to their own session tree. Impact A low-privilege sandboxed leaf worker could steer or kill a sibling ru...

8.8CVSS5.9AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/13 3:47 p.m.6 views

OpenClaw: Leaf subagents could steer sibling sessions across sandbox boundaries

Summary In affected versions of openclaw, sandboxed leaf subagents could still access the subagents control surface and resolve against the parent requester scope instead of remaining confined to their own session tree. Impact A low-privilege sandboxed leaf worker could steer or kill a sibling ru...

5.9AI score
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/13 3:47 p.m.3 views

GHSA-4JPW-HJ22-2XMC OpenClaw: Pairing-scoped device tokens could mint `operator.admin` and reach node RCE

Summary In affected versions of openclaw, a caller holding only operator.pairing could use device.token.rotate to mint a new token with broader scopes for an already paired device. If the target device was approved for operator.admin, the attacker could obtain an administrative token without...

9.9CVSS6.5AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/03/13 3:47 p.m.10 views

OpenClaw: Pairing-scoped device tokens could mint `operator.admin` and reach node RCE

Summary In affected versions of openclaw, a caller holding only operator.pairing could use device.token.rotate to mint a new token with broader scopes for an already paired device. If the target device was approved for operator.admin, the attacker could obtain an administrative token without...

6.5AI score
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/12 2:21 p.m.3 views

GHSA-GP3Q-WPQ4-5C5H OpenClaw: LINE group allowlist scope mismatch with DM pairing-store entries

Summary In specific LINE configurations, sender IDs approved through DM pairing could also satisfy group allowlist checks when operators expected group sender access to be scoped only to explicit group allowlists. Affected Packages / Versions - Package: openclaw npm - Latest published version at...

7.1CVSS5.8AI score
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/03/12 2:21 p.m.8 views

OpenClaw: LINE group allowlist scope mismatch with DM pairing-store entries

Summary In specific LINE configurations, sender IDs approved through DM pairing could also satisfy group allowlist checks when operators expected group sender access to be scoped only to explicit group allowlists. Affected Packages / Versions - Package: openclaw npm - Latest published version at...

5.8AI score
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/11 11:56 p.m.5 views

CVE-2026-3783

A flaw was found in curl. When an OAuth2 bearer token is used for an HTTPS transfer that redirects to a second URL, curl could unintentionally leak the token. This occurs if the second hostname has entries in the .netrc file, allowing the bearer token intended for the first host to be sent to the...

5.7CVSS5.7AI score0.00333EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2026/03/11 7:55 p.m.2 views

CVE-2026-32097 PingPong has improper access control in thread file endpoints allows access outside intended scope

PingPong is a platform for using large language models LLMs for teaching and learning. Prior to 7.27.2, an authenticated user may be able to retrieve or delete files outside the intended authorization scope. This issue could result in retrieval or deletion of private files, including user-uploade...

8.6CVSS5.8AI score0.00288EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/10 9:32 p.m.12 views

EUVD-2026-10829

An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user with a classic personal access token PAT lacking the repo scope to retrieve issues and commits from private and internal repositories via the search REST API endpoints. The user...

5.3CVSS5.8AI score0.00248EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/10 9:32 p.m.9 views

EUVD-2026-10828

An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user with a classic personal access token PAT lacking the repo scope to retrieve issues and commits from private and internal repositories via the search REST API endpoints. The user...

5.3CVSS5.8AI score0.00248EPSS
Exploits0References5
OSV
OSV
added 2026/03/10 8:16 p.m.4 views

CVE-2026-3582

An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user with a classic personal access token PAT lacking the repo scope to retrieve issues and commits from private and internal repositories via the search REST API endpoints. The user...

4.3CVSS5.8AI score0.00248EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/10 6:56 p.m.29 views

CVE-2026-3582 Incorrect Authorization in GitHub Enterprise Server allows access to issue and commit search results without repo scope

An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user with a classic personal access token PAT lacking the repo scope to retrieve issues and commits from private and internal repositories via the search REST API endpoints. The user...

5.3CVSS0.00248EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/10 6:56 p.m.3 views

CVE-2026-3582

An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user with a classic personal access token PAT lacking the repo scope to retrieve issues and commits from private and internal repositories via the search REST API endpoints. The user...

5.3CVSS5.8AI score0.00248EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/03/10 6:56 p.m.13 views

CVE-2026-3582

CVE-2026-3582 affects GitHub Enterprise Server. An Incorrect Authorization vulnerability allowed an authenticated user with a classic PAT lacking the repo scope to retrieve issues and commits from private/internal repositories via the search REST API, provided the user already had access to the r...

5.3CVSS5.8AI score0.00248EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/10 6:56 p.m.3 views

CVE-2026-3582 Incorrect Authorization in GitHub Enterprise Server allows access to issue and commit search results without repo scope

An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user with a classic personal access token PAT lacking the repo scope to retrieve issues and commits from private and internal repositories via the search REST API endpoints. The user...

5.3CVSS5.8AI score0.00248EPSS
Exploits0References4
OSV
OSV
added 2026/03/10 6:28 p.m.5 views

GO-2026-4565 Sealed Secrets for Kubernetes: Rotate API Allows Scope Widening from Strict/Namespace-Wide to Cluster-Wide via Untrusted Template Annotations in github.com/bitnami-labs/sealed-secrets

Sealed Secrets for Kubernetes: Rotate API Allows Scope Widening from Strict/Namespace-Wide to Cluster-Wide via Untrusted Template Annotations in github.com/bitnami-labs/sealed-secrets...

4.9CVSS5.8AI score0.00352EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.10 views

GitHub Enterprise Server 安全漏洞

GitHub Enterprise Server is an open-source application developed by GitHub in the United States. It provides a scalable and easy-to-manage platform by allowing users to set their GitHub instances as virtual devices. Prior to version 3.20 of GitHub Enterprise Server, there were security...

5.3CVSS5.8AI score0.00248EPSS
Exploits0References4
Rows per page
Query Builder