CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

CVE-2026-41234

Froxlor is open source server administration software. Prior to version 2.3.7, the DomainZones.add API endpoint does not sanitize newline characters in TXT record content. An authenticated customer with DNS editing enabled can inject newlines into TXT record values, which break out of the record...

7.6CVSS5.5AI score0.00041EPSS

Exploits0References1

NVD•added 3 days ago•6 views

CVE-2026-41234

7.6CVSS0.00041EPSS

Exploits0References3

CVE•added 3 days ago•14 views

CVE-2026-41234

CVE-2026-41234 affects Froxlor prior to 2.3.7, where the DomainZones.add API does not sanitize newline characters in TXT records. An authenticated user with DNS editing enabled can inject newlines into TXT content, causing the TXT value to break out of the line in the generated BIND zone file. Th...

7.6CVSS5.9AI score0.00041EPSS

Exploits0References3

Vulnrichment•added 3 days ago•6 views

CVE-2026-41234 Froxlor: BIND Zone File Injection via TXT Record Content

7.6CVSS5.9AI score0.00041EPSS

Exploits0References3

ATTACKERKB•added 3 days ago•4 views

CVE-2026-41234

8.8CVSS5.9AI score0.00041EPSS

Exploits1References4Affected Software1

EUVD•added 3 days ago•6 views

EUVD-2026-34313

8.8CVSS5.9AI score0.00041EPSS

Exploits1References3

CNVD•added 2026/03/02 12:0 a.m.•0 views

OpenClaw Data Forgery Problem Vulnerability (CNVD-2026-13430)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw is vulnerable to a data forgery issue. The vulnerability stems from unauthenticated TXT records in discovery beacons, where certain clients treat the TXT values as authoritative routing/fixed inputs. An attacker...

7.1CVSS5.8AI score0.00003EPSS

Exploits0References1

RedhatCVE•added 2026/02/21 1:28 a.m.•4 views

CVE-2026-26327

OpenClaw is a personal AI assistant. Discovery beacons Bonjour/mDNS and DNS-SD include TXT records such as lanHost, tailnetDns, gatewayPort, and gatewayTlsSha256. TXT records are unauthenticated. Prior to version 2026.2.14, some clients treated TXT values as authoritative routing/pinning inputs...

7.1CVSS5.5AI score0.00003EPSS

Exploits0References1

NVD•added 2026/02/19 11:16 p.m.•4 views

CVE-2026-26327

7.1CVSS0.00003EPSS

Exploits0References3

ATTACKERKB•added 2026/02/19 10:59 p.m.•2 views

CVE-2026-26327

7.1CVSS5.6AI score0.00003EPSS

Exploits0References4Affected Software1

Cvelist•added 2026/02/19 10:59 p.m.•18 views

CVE-2026-26327 OpenClaw allows unauthenticated discovery TXT records to steer routing and TLS pinning

7.1CVSS0.00003EPSS

Exploits0References3

Vulnrichment•added 2026/02/19 10:59 p.m.•1 views

CVE-2026-26327 OpenClaw allows unauthenticated discovery TXT records to steer routing and TLS pinning

7.1CVSS5.6AI score0.00003EPSS

Exploits0References3

CNNVD•added 2026/02/19 12:0 a.m.•3 views

OpenClaw 数据伪造问题漏洞

7.1CVSS5.8AI score0.00003EPSS

Exploits0References3

Snyk•added 2026/02/18 12:33 a.m.•4 views

Improper Certificate Validation

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Improper Certificate Validation via unauthenticated TXT records in the discovery routing. An attacker can redirect client connections to attacker-controlled endpoints and potentially...

7.1CVSS5.7AI score0.00003EPSS

Exploits0References2

OSV•added 2026/02/18 12:33 a.m.•1 views

GHSA-PV58-549P-QH99 OpenClaw allows unauthenticated discovery TXT records to steer routing and TLS pinning

Summary Discovery beacons Bonjour/mDNS and DNS-SD include TXT records such as lanHost, tailnetDns, gatewayPort, and gatewayTlsSha256. TXT records are unauthenticated. Prior to the fix, some clients treated TXT values as authoritative routing/pinning inputs: - iOS and macOS: used TXT-provided host...

7.1CVSS5.6AI score0.00003EPSS

Exploits0References5

Github Security Blog•added 2026/02/18 12:33 a.m.•19 views

OpenClaw allows unauthenticated discovery TXT records to steer routing and TLS pinning

7.1CVSS5.6AI score0.00003EPSS

Exploits0References5Affected Software1

Positive Technologies•added 2026/02/18 12:0 a.m.•3 views

PT-2026-20370

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.2.14 Description OpenClaw is a personal AI assistant that utilizes discovery beacons Bonjour/mDNS and DNS-SD which include TXT records such as lanHost, tailnetDns, gatewayPort, and gatewayTlsSha256. These TXT...

7.1CVSS5.6AI score0.00003EPSS

Exploits0References6

Wired Threat Level•added 2024/07/12 5:44 p.m.•7 views

The Sweeping Danger of the AT&T Phone Records Breach

Telecom giant AT&T says a major data breach has exposed the call and text records of “nearly all” of its customers, epitomizing the dire state of data security...

7.3AI score

Exploits0

HackRead•added 2024/07/12 4:32 p.m.•10 views

AT&T Data Breach: Hackers Steal Call and Text Records for “Nearly All” Customers

AT&T confirms a data breach exposing call and text records for "Nearly All" customers from May 2022 to…...

7.4AI score

Exploits0

Malwarebytes•added 2024/07/12 1:44 p.m.•6 views

“Nearly all” AT&T customers had phone records stolen in new data breach disclosure

In a déjà-vu nightmare, US phone giant AT&T has notified customers that cybercriminals managed to download phone call and text message records of "nearly all of AT&T cellular customers from May 1, 2022 to October 31, 2022 as well as on January 2, 2023". In a filing with the Securities and Exchang...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by