CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

54 matches found

CVE•added 2026/04/26 7:45 p.m.•16 views

CVE-2026-7058

CVE-2026-7058 affects 666ghj MiroFish

7.5CVSS7AI score0.01338EPSS

Exploits0References5

Cvelist•added 2026/04/26 7:45 p.m.•36 views

CVE-2026-7058 666ghj MiroFish Inter-Process Communication simulation_ipc.py SimulationIPCClient.send_command command injection

A vulnerability has been found in 666ghj MiroFish up to 0.1.2. The impacted element is the function SimulationIPCClient.sendcommand of the file backend/app/services/simulationipc.py of the component Inter-Process Communication. Such manipulation leads to command injection. It is possible to launc...

7.5CVSS0.01338EPSS

Exploits0References5

NVD•added 2026/04/10 5:17 p.m.•7 views

CVE-2026-35620

OpenClaw before 2026.3.24 contains missing authorization vulnerabilities in the /send and /allowlist chat command handlers. The /send command allows non-owner command-authorized senders to change owner-only session delivery policy settings, and the /allowlist mutating commands fail to enforce...

5.4CVSS0.00442EPSS

Exploits1References6

EUVD•added 2026/04/10 4:3 p.m.•5 views

EUVD-2026-21432

5.4CVSS5.9AI score0.00442EPSS

Exploits1References6

ATTACKERKB•added 2026/04/10 4:3 p.m.•3 views

CVE-2026-35620

5.4CVSS5.9AI score0.00442EPSS

Exploits1References7

Vulnrichment•added 2026/04/10 4:3 p.m.•1 views

CVE-2026-35620 OpenClaw < 2026.3.24 - Missing Authorization in /send and /allowlist Chat Commands

5.4CVSS5.9AI score0.00442EPSS

Exploits1References6

CNNVD•added 2026/04/10 12:0 a.m.•7 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.24 contained security vulnerabilities. These vulnerabilities stemmed from insufficient authorization checks in the /send and /allowlist chat command processors. As a result,...

5.4CVSS5.8AI score0.00442EPSS

Exploits1References6

Positive Technologies•added 2026/04/10 12:0 a.m.•7 views

PT-2026-31955

5.4CVSS5.9AI score0.00442EPSS

Exploits1References7

Github Security Blog•added 2026/03/30 7:6 p.m.•4 views

OpenClaw: Non-owner command-authorized sender can change the owner-only `/send` session delivery policy

Fixed in OpenClaw 2026.3.24, the current shipping release. Title Non-owner command-authorized sender can change the owner-only /send session delivery policy CWE CWE-285 Improper Authorization CVSS v3.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L Base score: 5.4 Medium Severity Assessment Medium...

5.4CVSS5.9AI score0.00442EPSS

Exploits1References8Affected Software1

Vulnrichment•added 2026/01/13 11:54 a.m.•2 views

CVE-2026-0859 TYPO3 CMS Allows Insecure Deserialization via Mailer File Spool

TYPO3's mail‑file spool deserialization flaw lets local users with write access to the spool directory craft a malicious file that is deserialized during the mailer:spool:send command, enabling arbitrary PHP code execution on the web server. This issue affects TYPO3 CMS versions 10.0.0-10.4.54,...

5.2CVSS7.2AI score0.00165EPSS

Exploits0References4

UbuntuCve•added 2025/12/30 1:16 p.m.•2 views

CVE-2023-54320

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmc: Fix memory leak in amdpmcstbdebugfsopenv2 Function amdpmcstbdebugfsopenv2 may be called when the STB debug mechanism enabled. When amdpmcsendcmd fails, the 'buf' needs to be released...

6.2AI score0.00159EPSS

Exploits0References4

OSV•added 2025/12/30 1:16 p.m.•3 views

UBUNTU-CVE-2023-54320

6.2AI score0.00159EPSS

Exploits0References5

Cvelist•added 2025/12/30 12:34 p.m.•21 views

CVE-2023-54320 platform/x86/amd: pmc: Fix memory leak in amd_pmc_stb_debugfs_open_v2()

0.00159EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-12815