Lucene search
K

2322 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/07 4:30 p.m.4 views

CVE-2026-4631

Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects malicious SSH...

9.8CVSS6.4AI score0.142EPSS
Exploits3References8
Cvelist
Cvelist
added 2026/04/07 4:30 p.m.18 views

CVE-2026-4631 Cockpit: cockpit: unauthenticated remote code execution due to ssh command-line argument injection

Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects malicious SSH...

9.8CVSS0.142EPSS
Exploits3References6
CVE
CVE
added 2026/04/07 4:30 p.m.259 views

CVE-2026-4631

CVE-2026-4631 affects Cockpit: unauthenticated remote code execution via SSH command-line argument injection in the remote login flow. The web interface passes user-supplied hostnames/usernames to the SSH client without validation, allowing a network-connected attacker to send a single HTTP reque...

9.8CVSS6.4AI score0.142EPSS
Exploits3References8
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.2 views

PT-2026-30930

OpenHarness prior to commit 166fcfe contains an improper access control vulnerability in built-in file tools due to inconsistent parameter handling in permission enforcement, allowing attackers who can influence agent tool execution to read arbitrary local files outside the intended repository...

8.4CVSS6.2AI score0.00127EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/07 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-4631

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An...

9.8CVSS6.3AI score0.142EPSS
Exploits3References2
NVD
NVD
added 2026/04/06 10:16 p.m.7 views

CVE-2026-35452

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the plugin/CloneSite/client.log.php endpoint serves the clone operation log file without any authentication. Every other endpoint in the CloneSite plugin directory enforces User::isAdmin. The log contains internal filesyste...

5.3CVSS0.00367EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/04/06 9:47 p.m.7 views

CVE-2026-35452

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the plugin/CloneSite/client.log.php endpoint serves the clone operation log file without any authentication. Every other endpoint in the CloneSite plugin directory enforces User::isAdmin. The log contains internal filesyste...

5.3CVSS5.9AI score0.00367EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/04/06 9:47 p.m.13 views

CVE-2026-35452

WWBN AVideo (versions 26.0 and prior) is affected by CVE-2026-35452 due to unauthenticated access to CloneSite/plugin/CloneSite/client.log.php, which serves clone operation logs containing internal filesystem paths, remote server URLs, and SSH metadata. The vulnerability arises because this endpo...

5.3CVSS5.9AI score0.00367EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/04 12:0 a.m.7 views

PT-2026-30336

Name of the Vulnerable Software and Affected Versions AVideo versions 26.0 and prior Description The plugin/CloneSite/client.log.php endpoint serves the clone operation log file without authentication. Other endpoints in the CloneSite plugin directory enforce User::isAdmin. The log contains...

5.3CVSS6AI score0.00367EPSS
Exploits1References5
Hacker One
Hacker One
added 2026/04/03 10:59 a.m.22 views

curl: ignoring 'options' when doing connection reuse

libcurl contains a significant logic flaw in its connection pool matching mechanism. When a transfer specifies a required authentication policy—such as a specific SASL mechanism e.g., ;AUTH=GSSAPI or a restricted set of SSH authentication types CURLOPTSSHAUTHTYPES—libcurl fails to verify these...

5.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.4 views

PT-2026-30245

Hirschmann HiLCOS devices OpenBAT, WLC, BAT300, BAT54 prior to 8.80 and OpenBAT prior to 9.10 are shipped with identical default SSH and SSL keys that cannot be changed, allowing unauthenticated remote attackers to decrypt or intercept encrypted management communications. Attackers can perform...

8.8CVSS5.9AI score0.00291EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/04/02 9:23 p.m.12 views

OpenClaw: SSH sandbox tar upload follows symlinks, enabling arbitrary file write on remote host

Summary SSH sandbox tar upload follows symlinks, enabling arbitrary file write on remote host Current Maintainer Triage - Status: open - Normalized severity: high - Assessment: Real in shipped v2026.3.28: SSH sandbox tar upload lacked pre-upload symlink escape rejection until 3d5af14984 on...

8.1CVSS6AI score0.00533EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/04/02 9:23 p.m.3 views

GHSA-FV94-QVG8-XQPW OpenClaw: SSH sandbox tar upload follows symlinks, enabling arbitrary file write on remote host

Summary SSH sandbox tar upload follows symlinks, enabling arbitrary file write on remote host Current Maintainer Triage - Status: open - Normalized severity: high - Assessment: Real in shipped v2026.3.28: SSH sandbox tar upload lacked pre-upload symlink escape rejection until 3d5af14984 on...

8.1CVSS6.1AI score0.00533EPSS
Exploits0References6
Snyk
Snyk
added 2026/04/02 9:1 p.m.2 views

Improper Removal of Sensitive Information Before Storage or Transfer

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer via the process.env variable being passed unsanitized to child processes. An attacker can influence the environment of...

5.1CVSS5.9AI score0.00152EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/04/02 9:1 p.m.11 views

OpenClaw: SSH-based sandbox backends pass unsanitized process.env to child processes

Summary SSH-based sandbox backends pass unsanitized process.env to child processes Current Maintainer Triage - Status: narrow - Normalized severity: low - Assessment: Shipped SSH sandbox paths leaked unsanitized env into local SSH child processes, but remote leakage needs non-default SSH env...

5.9AI score
Exploits0References4Affected Software1
OSV
OSV
added 2026/04/02 9:1 p.m.3 views

GHSA-J9PV-RRCJ-6PFX OpenClaw: SSH-based sandbox backends pass unsanitized process.env to child processes

Summary SSH-based sandbox backends pass unsanitized process.env to child processes Current Maintainer Triage - Status: narrow - Normalized severity: low - Assessment: Shipped SSH sandbox paths leaked unsanitized env into local SSH child processes, but remote leakage needs non-default SSH env...

5.1CVSS5.9AI score
Exploits0References4
Cvelist
Cvelist
added 2026/04/02 4:44 p.m.162 views

CVE-2026-35386

In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in sshconfig...

3.6CVSS0.00247EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/02 4:30 p.m.3 views

CVE-2026-35385

In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O legacy scp protocol and without -p preserve mode...

7.5CVSS5.8AI score0.00419EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.7 views

OpenSSH 安全漏洞

OpenSSH OpenBSD Secure Shell is a set of open-source tools developed by OpenBSD in Canada, designed for secure access to remote computers. This tool is an open-source implementation of the SSH protocol, supporting encryption of all transmissions. It effectively prevents eavesdropping, connection...

2.5CVSS5.9AI score0.0013EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.9 views

OpenSSH 安全漏洞

OpenSSH OpenBSD Secure Shell is a set of open-source tools developed by OpenBSD in Canada for secure access to remote computers. This tool is an open-source implementation of the SSH protocol, supporting encryption of all transmissions. It effectively prevents eavesdropping, connection hijacking,...

8.1CVSS5.9AI score0.00247EPSS
Exploits0References3
Rows per page
Query Builder