Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Cvelist
Cvelistadded 2026/04/10 4:3 p.m.20 views

CVE-2026-35620 OpenClaw < 2026.3.24 - Missing Authorization in /send and /allowlist Chat Commands

OpenClaw before 2026.3.24 contains missing authorization vulnerabilities in the /send and /allowlist chat command handlers. The /send command allows non-owner command-authorized senders to change owner-only session delivery policy settings, and the /allowlist mutating commands fail to enforce...

5.4CVSS0.00065EPSS
Exploits1References6
RedhatCVE
RedhatCVEadded 2025/12/09 5:27 p.m.3 views

CVE-2025-48573

In sendCommand of MediaSessionRecord.java, there is a possible way to launch the foreground service while the app is in the background due to FGS while-in-use abuse. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS6.8AI score0.00006EPSS
Exploits0References1
NVD
NVDadded 2025/12/08 5:16 p.m.3 views

CVE-2025-48573

In sendCommand of MediaSessionRecord.java, there is a possible way to launch the foreground service while the app is in the background due to FGS while-in-use abuse. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS0.00006EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/12/08 4:57 p.m.1 views

CVE-2025-48573

In sendCommand of MediaSessionRecord.java, there is a possible way to launch the foreground service while the app is in the background due to FGS while-in-use abuse. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

6.4AI score0.00006EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/12/08 4:57 p.m.16 views

CVE-2025-48573

In sendCommand of MediaSessionRecord.java, there is a possible way to launch the foreground service while the app is in the background due to FGS while-in-use abuse. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

0.00006EPSS
Exploits0References2
CVE
CVEadded 2025/07/14 6:2 a.m.16 views

CVE-2025-7578

The CVE-2025-7578 entry affects Teledyne FLIR FB-Series O and FLIR FH-Series ID version 1.3.2.16. The flaw resides in the sendCommand function of runcmd.sh, where manipulating the cmd argument yields a command-injection condition. The vulnerability can be triggered remotely, with attack complexit...

5CVSS5.6AI score0.00921EPSS
Exploits0References4
OSV
OSVadded 2015/12/16 9:59 p.m.1 views

UBUNTU-CVE-2015-8476

Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 allow attackers to inject arbitrary SMTP commands via CRLF sequences in an 1 email address to the validateAddress function in class.phpmailer.php or 2 SMTP command to the sendCommand function in class.smtp.php, a different...

5CVSS7.3AI score0.00948EPSS
Exploits0References3
Rows per page
Query Builder