Lucene search
K

29 matches found

Veracode
Veracode
added 5 days ago7 views

SSH Configuration Injection

Coder is vulnerable to SSH Configuration Injection. The vulnerability is due to coder config-ssh writing server-supplied HostnameSuffix and SSHConfigOptions into the user's /.ssh/config without properly sanitizing embedded newlines or restricting SSH directives, which allows an attacker controlli...

8.3CVSS6AI score0.00466EPSS
Exploits0References9Affected Software2
Cvelist
Cvelist
added 2026/07/03 6:13 a.m.59 views

CVE-2026-12064 proto-default skips SSH verification

When a user invokes curl using a schemeless URL combined with --proto-default sftp or scp, a disconnect occurs between the tool layer and libcurl. The tool layer incorrectly infers the URL scheme, which erroneously bypasses the initialization of critical SSH security options like...

0.00574EPSS
Exploits1References3
OSV
OSV
added 2026/07/02 5:11 p.m.4 views

GHSA-VXX3-6HC9-7CC3 OpenClaw: Combined POSIX shell options could confuse exec revalidation

Summary Combined POSIX shell options could confuse exec revalidation. In affected versions, a command request using combined shell flags could parse approval-time and execution-time shell options differently. This advisory is scoped to the named feature and configuration. It does not change...

8.8CVSS6AI score0.00419EPSS
Exploits0References4
Snyk
Snyk
added 2026/06/11 9:13 p.m.6 views

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition via the exec process. An attacker can execute unauthorized commands by bypassing intended allowlist validation using combined shell options...

8.8CVSS6AI score0.00419EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:5 p.m.8 views

CVE-2026-53806 OpenClaw < 2026.5.12 - Shell Option Parsing Bypass in Exec Revalidation

OpenClaw before 2026.5.12 contains a shell option parsing vulnerability that allows combined POSIX shell flags to bypass exec revalidation checks. Attackers can exploit this by using combined shell options to execute inline shell content without intended allowlist validation, potentially enabling...

8.8CVSS5.7AI score0.00419EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/11 8:5 p.m.34 views

CVE-2026-53806 OpenClaw < 2026.5.12 - Shell Option Parsing Bypass in Exec Revalidation

OpenClaw before 2026.5.12 contains a shell option parsing vulnerability that allows combined POSIX shell flags to bypass exec revalidation checks. Attackers can exploit this by using combined shell options to execute inline shell content without intended allowlist validation, potentially enabling...

8.8CVSS0.00419EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/10 2:35 p.m.33 views

CVE-2026-48859 SSH server timing side-channel in ssh_auth:check_password/3 allows unauthenticated username enumeration

Observable Timing Discrepancy vulnerability in Erlang/OTP ssh sshauth, sshoptions modules allows unauthenticated remote username enumeration via timing side-channel in password authentication. When the SSH daemon is configured with the userpasswords or password option, sshauth:checkpassword/3...

6.3CVSS0.00354EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/05 11:24 a.m.4 views

CVE-2026-42435

OpenClaw versions from 2026.2.22 before 2026.4.12 contain an insufficient shell-wrapper detection vulnerability allowing attackers to inject environment variable assignments at the argv level. Attackers can bypass exec preflight handling to manipulate high-risk shell variables like SHELLOPTS and...

8.8CVSS5.9AI score0.00407EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/28 6:9 p.m.36 views

CVE-2026-41392 OpenClaw < 2026.3.31 - Exec Allowlist Bypass via Shell Init-File Options

OpenClaw before 2026.3.31 contains an exec allowlist bypass vulnerability allowing attackers to inherit allowlist trust via shell init-file wrapper invocations. Attackers can exploit shell options like --rcfile, --init-file, and --startup-file to load attacker-chosen initialization files while...

6.7CVSS0.00118EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/28 6:9 p.m.4 views

CVE-2026-41392 OpenClaw < 2026.3.31 - Exec Allowlist Bypass via Shell Init-File Options

OpenClaw before 2026.3.31 contains an exec allowlist bypass vulnerability allowing attackers to inherit allowlist trust via shell init-file wrapper invocations. Attackers can exploit shell options like --rcfile, --init-file, and --startup-file to load attacker-chosen initialization files while...

6.7CVSS5.2AI score0.00118EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.13 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.31 contained security vulnerabilities. These vulnerabilities stemmed from a privilege escalation vulnerability that allowed attackers to bypass the execution allowlist, enabling...

7.3CVSS5.9AI score0.00118EPSS
Exploits0References1
OSV
OSV
added 2026/04/07 5:16 p.m.4 views

DEBIAN-CVE-2026-4631

Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects malicious SSH...

9.8CVSS6.2AI score0.142EPSS
Exploits4References1
Tenable Nessus
Tenable Nessus
added 2026/04/07 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-4631

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An...

9.8CVSS6.3AI score0.142EPSS
Exploits4References2
Cvelist
Cvelist
added 2026/03/19 10:6 p.m.25 views

CVE-2026-32003 OpenClaw < 2026.2.22 - Remote Code Execution via SHELLOPTS/PS4 Environment Injection in system.run

OpenClaw versions prior to 2026.2.22 contain an environment variable injection vulnerability in the system.run function that allows attackers to bypass command allowlist restrictions via SHELLOPTS and PS4 environment variables. An attacker who can invoke system.run with request-scoped environment...

7.5CVSS0.0053EPSS
Exploits0References3
OSV
OSV
added 2026/03/03 12:40 a.m.6 views

GHSA-2FGQ-7J6H-9RM4 OpenClaw has system.run shell-wrapper env injection via SHELLOPTS/PS4 can bypass allowlist intent (RCE)

Summary system.run allowed SHELLOPTS + PS4 environment injection to trigger command substitution during bash -lc xtrace expansion before the allowlisted command body executed. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.2.21-2 includes latest published npm version at...

7.5CVSS5.8AI score0.0053EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/09/30 8:56 p.m.18 views

CVE-2025-34207

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to 22.0.1049 and Application prior to 20.0.2786 VA and SaaS deployments configure the SSH client within Docker instances with the following options: UserKnownHostsFile=/dev/null, StrictHostKeyChecking=no, and ForwardAgent yes. These...

7.9CVSS6.8AI score0.00621EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2025/09/25 12:0 a.m.3 views

Do Not Configure Deprecated Options for the SSH Service

Currently, the SSH service communication protocols are classified into the first generation and the second generation. The configuration options of the SSH service of different versions are incompatible. In addition, the configuration options of some earlier versions are deprecated in the new...

6.9AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-27782

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps...

7.5CVSS6.5AI score0.02596EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2016-1235

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The oarsh script in OAR before 2.5.7 allows remote authenticated users of a cluster to obtain sensitive information and possibly gain privileges via vectors...

9CVSS7.9AI score0.03448EPSS
Exploits0References2
OSV
OSV
added 2023/03/31 11:5 a.m.4 views

OESA-2023-1195 curl security update

cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However,...

9.8CVSS8.9AI score0.02195EPSS
Exploits5References6
Rows per page
Query Builder