OSV
added 2026/03/31 3:31 p.m., 1 view

GHSA-F275-5H5C-5WG5 Duplicate Advisory: OpenClaw: /pair approve command path omitted caller scope subsetting and reopened device pairing escalation

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-hc5h-pmr3-3497. This link is maintained to preserve external references. Original Description: OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the /pair approve command path that fails ...

CVSS 9.8, AI score 5.8, EPSS 0.00624
Exploits: 0, References: 4
NVD
added 2026/03/31 3:16 p.m., 3 views

CVE-2026-33577

OpenClaw before 2026.3.28 contains an insufficient scope validation vulnerability in the node pairing approval path that allows low-privilege operators to approve nodes with broader scopes. Attackers can exploit missing callerScopes validation in node-pairing.ts to extend privileges onto paired...

CVSS 8.6, EPSS 0.00379
Exploits: 0, References: 3
NVD
added 2026/03/31 3:16 p.m., 3 views

CVE-2026-33579

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the /pair approve command path that fails to forward caller scopes into the core approval check. A caller with pairing privileges but without admin privileges can approve pending device requests asking for broader scopes...

CVSS 9.9, EPSS 0.00624
Exploits: 0, References: 3
Cvelist
added 2026/03/31 2:10 p.m., 25 views

CVE-2026-33579 OpenClaw < 2026.3.28 - Privilege Escalation via Missing Caller Scope Validation in Device Pair Approval

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the /pair approve command path that fails to forward caller scopes into the core approval check. A caller with pairing privileges but without admin privileges can approve pending device requests asking for broader scopes...

CVSS 9.9, EPSS 0.00624
Exploits: 0, References: 3
Vulnrichment
added 2026/03/31 2:10 p.m., 1 view

CVE-2026-33579 OpenClaw < 2026.3.28 - Privilege Escalation via Missing Caller Scope Validation in Device Pair Approval

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the /pair approve command path that fails to forward caller scopes into the core approval check. A caller with pairing privileges but without admin privileges can approve pending device requests asking for broader scopes...

CVSS 9.9, AI score 5.9, EPSS 0.00624
Exploits: 0, References: 3
CVE
added 2026/03/31 2:10 p.m., 10 views

CVE-2026-33579

Technical details, affected products, and remediation are not provided in the supplied documents. Monitor for updates.

CVSS 9.9, AI score 5.9, EPSS 0.00624
Exploits: 0, References: 3, Affected software: 1
ATTACKERKB
added 2026/03/31 2:10 p.m., 25 views

CVE-2026-33579

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the /pair approve command path that fails to forward caller scopes into the core approval check. A caller with pairing privileges but without admin privileges can approve pending device requests asking for broader scopes...

CVSS 8.6, AI score 5.9, EPSS 0.00624
Exploits: 0, References: 4
Cvelist
added 2026/03/31 2:10 p.m., 21 views

CVE-2026-33577 OpenClaw < 2026.3.28 - Insufficient Scope Validation in node.pair.approve

OpenClaw before 2026.3.28 contains an insufficient scope validation vulnerability in the node pairing approval path that allows low-privilege operators to approve nodes with broader scopes. Attackers can exploit missing callerScopes validation in node-pairing.ts to extend privileges onto paired...

CVSS 8.6, EPSS 0.00379
Exploits: 0, References: 3
Vulnrichment
added 2026/03/31 2:10 p.m., 2 views

CVE-2026-33577 OpenClaw < 2026.3.28 - Insufficient Scope Validation in node.pair.approve

OpenClaw before 2026.3.28 contains an insufficient scope validation vulnerability in the node pairing approval path that allows low-privilege operators to approve nodes with broader scopes. Attackers can exploit missing callerScopes validation in node-pairing.ts to extend privileges onto paired...

CVSS 8.6, AI score 5.9, EPSS 0.00379
Exploits: 0, References: 3
ATTACKERKB
added 2026/03/31 2:10 p.m., 1 view

CVE-2026-33577

OpenClaw before 2026.3.28 contains an insufficient scope validation vulnerability in the node pairing approval path that allows low-privilege operators to approve nodes with broader scopes. Attackers can exploit missing callerScopes validation in node-pairing.ts to extend privileges onto paired...

CVSS 8.6, AI score 5.9, EPSS 0.00379
Exploits: 0, References: 4
CVE
added 2026/03/31 2:10 p.m., 5 views

CVE-2026-33577

CVE-2026-33577 (OpenClaw): OpenClaw before 2026.3.28 contains an insufficient scope validation vulnerability in the node-pairing approval path. The issue is caused by missing callerScopes validation in node-pairing.ts, allowing a low-privilege operator to approve nodes with broader scopes onto t...

CVSS 8.6, AI score 5.9, EPSS 0.00379
Exploits: 0, References: 3, Affected software: 1
CVE
added 2026/03/31 11:17 a.m., 5 views

CVE-2026-32976

OpenClaw is affected by an authorization bypass in versions before 2026.3.11. An attacker with authorized access on one account can issue channel commands (e.g., /config set channels..accounts.) to mutate protected sibling-account configurations despite configWrites: false. Impact is the modifica...

CVSS 7.1, AI score 6, EPSS 0.00194
Exploits: 0, References: 2, Affected software: 1
RedhatCVE
added 2026/03/31 8:12 a.m., 4 views

CVE-2026-32727

A flaw was found in SciTokens. A remote attacker can exploit this path traversal vulnerability by using "dot-dot" .. in the scope claim of a token. This allows the attacker to bypass intended directory restrictions, potentially leading to unauthorized access to files and directories outside of th...

CVSS 8.1, AI score 5.9, EPSS 0.00516
Exploits: 1, References: 2
RedhatCVE
added 2026/03/31 7:48 a.m., 0 views

CVE-2026-32716

A flaw was found in SciTokens. The Enforcer component incorrectly validates scope paths by using a simple prefix match. This allows an attacker with a valid token for a specific path to gain unauthorized access to sibling paths that share the same prefix. This authorization bypass can lead to...

CVSS 8.1, AI score 5.8, EPSS 0.00389
Exploits: 1, References: 2
NVD
added 2026/03/31 3:15 a.m., 3 views

CVE-2026-32727

SciTokens is a reference library for generating and using SciTokens. Prior to version 1.9.7, the Enforcer is vulnerable to a path traversal attack where an attacker can use dot-dot .. in the scope claim of a token to escape the intended directory restriction. This occurs because the library...

CVSS 8.1, EPSS 0.00516
Exploits: 1, References: 4
NVD
added 2026/03/31 3:15 a.m., 2 views

CVE-2026-32716

SciTokens is a reference library for generating and using SciTokens. Prior to version 1.9.6, the Enforcer incorrectly validates scope paths by using a simple prefix match (startswith). This allows a token with access to a specific path, e.g. /john, to also access sibling paths that start with the sa...

CVSS 8.1, EPSS 0.00389
Exploits: 1, References: 3
Snyk
added 2026/03/31 3:11 a.m., 1 view

Directory Traversal

Overview: scitokens is a SciToken reference implementation library. Affected versions of this package are vulnerable to Directory Traversal via the checkscope and scopepathmatches functions. An attacker can gain unauthorized access to restricted directories by including dot-dot .. sequences in the...

CVSS 8.6, AI score 6.5, EPSS 0.00516
Exploits: 1, References: 2
Snyk
added 2026/03/31 3:10 a.m., 2 views

Improper Authorization

Overview: scitokens is a SciToken reference implementation library. Affected versions of this package are vulnerable to Improper Authorization via the validatescp and validatescope functions. An attacker can gain unauthorized access to sibling paths by crafting tokens with scope paths that share a...

CVSS 8.6, AI score 5.9, EPSS 0.00389
Exploits: 1, References: 2
ATTACKERKB
added 2026/03/31 1:31 a.m., 0 views

CVE-2026-32727

SciTokens is a reference library for generating and using SciTokens. Prior to version 1.9.7, the Enforcer is vulnerable to a path traversal attack where an attacker can use dot-dot .. in the scope claim of a token to escape the intended directory restriction. This occurs because the library...

CVSS 8.1, AI score 5.8, EPSS 0.00516
Exploits: 1, References: 5, Affected software: 1
Vulnrichment
added 2026/03/31 1:31 a.m., 0 views

CVE-2026-32727 SciTokens: Authorization Bypass via Path Traversal in Scope Validation

SciTokens is a reference library for generating and using SciTokens. Prior to version 1.9.7, the Enforcer is vulnerable to a path traversal attack where an attacker can use dot-dot .. in the scope claim of a token to escape the intended directory restriction. This occurs because the library...

CVSS 8.1, AI score 5.8, EPSS 0.00516
Exploits: 1, References: 4