Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Debian CVE
Debian CVEadded 5 days ago2 views

CVE-2026-9669

bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...

8.2CVSS5.4AI score0.00049EPSS
Exploits0
ATTACKERKB
ATTACKERKBadded 2026/04/03 8:45 p.m.2 views

CVE-2026-34511

OpenClaw before 2026.4.2 reuses the PKCE verifier as the OAuth state parameter in the Gemini OAuth flow, exposing it through the redirect URL. Attackers who capture the redirect URL can obtain both the authorization code and PKCE verifier, defeating PKCE protection and enabling token redemption...

6CVSS6AI score0.00042EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/03/05 9:59 p.m.3 views

CVE-2026-28479

OpenClaw versions prior to 2026.2.15 use SHA-1 to hash sandbox identifier cache keys for Docker and browser sandbox configurations, which is deprecated and vulnerable to collision attacks. An attacker can exploit SHA-1 collisions to cause cache poisoning, allowing one sandbox configuration to be...

8.7CVSS5.9AI score0.00019EPSS
Exploits0References4
Packet Storm News
Packet Storm Newsadded 2025/12/24 12:0 a.m.4 views

Security Risks Introduced by Weak Authentication in Smart Home IoT Systems

Smart home IoT systems rely on authentication mechanisms to ensure that only authorized entities can control devices and access sensitive functionality. In practice, these mechanisms must balance security with usability, often favoring persistent connectivity and minimal user interaction. This...

6.9AI score
Exploits0
CNNVD
CNNVDadded 2024/10/21 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a contention condition in the nfsd subsystem during the handling of FREESTATEID, which could lead to...

7.8CVSS8.1AI score0.00022EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2014/10/30 12:0 a.m.23 views

FreeBSD : libssh -- PRNG state reuse on forking servers (f8c88d50-5fb3-11e4-81bd-5453ed2e2b49)

Aris Adamantiadis reports : When accepting a new connection, the server forks and the child process handles the request. The RANDbytes function of openssl doesn't reset its state after the fork, but simply adds the current process id getpid to the PRNG state, which is not guaranteed to be unique...

1.9CVSS6.7AI score0.00088EPSS
Exploits1References3
FreeBSD
FreeBSDadded 2014/03/05 12:0 a.m.31 views

libssh -- PRNG state reuse on forking servers

Aris Adamantiadis reports: When accepting a new connection, the server forks and the child process handles the request. The RANDbytes function of openssl doesn't reset its state after the fork, but simply adds the current process id getpid to the PRNG state, which is not guaranteed to be unique...

1.9CVSS6.3AI score0.00088EPSS
Exploits1References2
Rows per page
Query Builder