CVE-2026-1238

The SlimStat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'fh' fingerprint parameter in all versions up to, and including, 5.3.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

EUVD-2026-13016

OpenClaw 2026.3.1 contains an approval integrity vulnerability in system.run node-host execution where argv rewriting changes command semantics. Attackers can place malicious local scripts in the working directory to execute unintended code despite operator approval of different command text...

Duplicate Advisory: OpenClaw's Node system.run approval hardening wrapper semantic drift can execute unintended local scripts

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-h3rm-6x7g-882f. This link is maintained to preserve external references. Original Description OpenClaw 2026.3.1 contains an approval integrity vulnerability in system.run node-host execution where argv rewriting...

GHSA-G87J-GM7P-6VW2 Duplicate Advisory: OpenClaw's Node system.run approval hardening wrapper semantic drift can execute unintended local scripts

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-h3rm-6x7g-882f. This link is maintained to preserve external references. Original Description OpenClaw 2026.3.1 contains an approval integrity vulnerability in system.run node-host execution where argv rewriting...

CVE-2026-31999

OpenClaw versions 2026.2.26 prior to 2026.3.1 on Windows contain a current working directory injection vulnerability in wrapper resolution for .cmd/.bat files that allows attackers to influence execution behavior through cwd manipulation. Remote attackers can exploit improper shell execution...

CVE-2026-29608

OpenClaw 2026.3.1 contains an approval integrity vulnerability in system.run node-host execution where argv rewriting changes command semantics. Attackers can place malicious local scripts in the working directory to execute unintended code despite operator approval of different command text...

CVE-2026-29608

OpenClaw 2026.3.1 contains an approval integrity vulnerability in system.run node-host execution where argv rewriting changes command semantics. Attackers can place malicious local scripts in the working directory to execute unintended code despite operator approval of different command text...

CVE-2026-29608

OpenClaw 2026.3.1 contains an approval integrity vulnerability in system.run node-host execution where argv rewriting changes command semantics. Attackers can place malicious local scripts in the working directory to execute unintended code despite operator approval of different command text...

CVE-2026-29608 OpenClaw 2026.3.1 < 2026.3.2 - Approval Integrity Bypass via system.run argv Rewriting

OpenClaw 2026.3.1 contains an approval integrity vulnerability in system.run node-host execution where argv rewriting changes command semantics. Attackers can place malicious local scripts in the working directory to execute unintended code despite operator approval of different command text...

CVE-2026-29608

OpenClaw 2026.3.1 contains an approval-integrity vulnerability in the system.run node-host path where argv rewriting changes the executed command. The issue allows an attacker to place a local script in the approved working directory and have it run instead of the text shown to the operator, desp...

MAL-2026-1704 Malicious code in date-fns-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae8c5ce8aaa40b0479646a8cd09a5a83b803e857a64de372621002edcb2e27cd The package date-fns-scripts was found to contain malicious code...

Malicious code in date-fns-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae8c5ce8aaa40b0479646a8cd09a5a83b803e857a64de372621002edcb2e27cd The package date-fns-scripts was found to contain malicious code...

CVE-2026-22322

A stored cross‑site scripting XSS vulnerability in the Link Aggregation configuration interface allows an unauthenticated remote attacker to create a trunk entry containing malicious HTML/JavaScript code. When the affected page is viewed, the injected script executes in the context of the victim’...

PT-2026-26087

The Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.0.3 via the 'template' parameter in gallery shortcodes. This makes it possible for authenticated attackers, with Author-level access...

PT-2026-26073

Name of the Vulnerable Software and Affected Versions Jenkins versions 2.554 and earlier Jenkins LTS versions 2.541.2 and earlier Description The software does not safely handle symbolic links when extracting .tar and .tar.gz archives. This allows crafted archives to write files to arbitrary...

Remote Code Execution (RCE)

com.liferay, com.liferay.object.service is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper restriction on the use of Groovy scripts in Object actions, which allows authenticated admin users with the Instance Administrator role to execute arbitrary Groovy scripts and...

grub2 security update

2.12-29.0.1.el101.2 - efinet: Close and reopen card on failure Orabug: 37808688 - Update grub2 dependencies to match new Secure Boot certificate chain of trust Orabug: 37766761 - Fix typo in SBAT metadata Orabug: 37693946 - Allow installation of grub2 only with shim-aa64 that allows booting it...

EUVD-2016-10809

ZKTeco ZKBioSecurity 3.0 contains multiple reflected cross-site scripting vulnerabilities that allow attackers to execute arbitrary HTML and script code by injecting malicious payloads through unsanitized parameters in multiple scripts. Attackers can craft malicious URLs with XSS payloads in...

EUVD-2013-7292

Qool CMS contains multiple persistent cross-site scripting vulnerabilities in several administrative scripts where POST parameters are not properly sanitized before being stored and returned to users. Attackers can inject malicious JavaScript code through parameters like 'title', 'name', 'email',...

EUVD-2015-9411

Next Click Ventures RealtyScript 4.0.2 fails to properly sanitize file uploads, allowing attackers to store malicious scripts through the file POST parameter in admin/tools.php. Attackers can upload files containing JavaScript code that executes in the context of admin/tools.php when accessed by...