
34 matches found

ATTACKERKB
added 3 days ago · 5 views

CVE-2026-56265

Crawl4AI before 0.8.7 contains an authentication bypass vulnerability due to a hardcoded default JWT signing key in the Docker API server. Attackers who know the default key can forge valid authentication tokens for any user, bypassing authentication and gaining full access to protected...

CVSS 9.8 · AI score 5.9 · EPSS 0.00428
Exploits 0 · References 4
OSV
added 2026/04/24 3:16 p.m. · 4 views

DEBIAN-CVE-2026-31641

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix RxGK token loading to check bounds. rxrpc_preparse_xdr_yfs_rxgk() reads the raw key length and ticket length from the XDR token as u32 values and passes each through round_up(x, 4) before using the rounded value for validation a...

CVSS 7.8 · AI score 5.7 · EPSS 0.0014
Exploits 0 · References 1
CVE
added 2026/02/19 10:55 p.m. · 17 views

CVE-2026-26326

CVE-2026-26326 affects the OpenClaw AI assistant. Before version 2026.2.14, the function skills.status could disclose secrets to operator.read clients by returning raw resolved config values in configChecks for requires.config paths. The fix in 2026.2.14 stops including raw resolved conf...

CVSS 5.3 · AI score 5.6 · EPSS 0.00303
Exploits 0 · References 4 · Affected Software 1
OSV
added 2026/02/17 9:43 p.m. · 3 views

GHSA-8MH7-PHF8-XGFM OpenClaw skills.status could leak secrets to operator.read clients

Summary: skills.status could disclose secrets to operator.read clients by returning raw resolved config values in configChecks for skill requires.config paths. Affected Packages / Versions: - Package: openclaw npm - Affected: = 2026.2.14...

CVSS 5.3 · AI score 5.6 · EPSS 0.00303
Exploits 0 · References 6
Positive Technologies
added 2026/02/17 12:00 a.m. · 4 views

PT-2026-20960

Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.2.14 Description: The skills.status function could reveal sensitive information to clients with operator.read access. This occurred because the function returned raw resolved config values within configChecks for...

CVSS 5.3 · AI score 5.4 · EPSS 0.00303
Exploits 0 · References 17
OSV
added 2026/02/04 9:37 p.m. · 4 views

CVE-2026-25538 Devtron Attributes API Unauthorized Access Leading to API Token Signing Key Leakage

Devtron is an open source tool integration platform for Kubernetes. In version 2.0.0 and prior, a vulnerability exists in Devtron's Attributes API interface, allowing any authenticated user including low-privileged CI/CD Developers to obtain the global API Token signing key by accessing the...

CVSS 8.7 · AI score 5.5 · EPSS 0.00393
Exploits 1 · References 4
EUVD
added 2025/10/03 8:07 p.m. · 4 views

EUVD-2025-3999

Malicious code in bioql PyPI...

CVSS 8.7 · AI score 6.4 · EPSS 0.00326
Exploits 0 · References 2
OpenVAS
added 2024/03/08 12:00 a.m. · 31 views

Fedora: Security Advisory for dogtag-pki (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8 · AI score 9.2 · EPSS 0.02557
Exploits 3 · References 2
Fedora
added 2024/03/07 10:33 p.m. · 35 views

[SECURITY] Fedora 40 Update: dogtag-pki-11.5.0-3.fc40

Dogtag PKI is an enterprise software system designed to manage enterprise Public Key Infrastructure deployments. Dogtag PKI consists of the following components: Certificate Authority (CA), Key Recovery Authority (KRA), Online Certificate Status Protocol (OCSP) Manager, Token Key Service (TKS), Token...

CVSS 8.8 · AI score 6.8 · EPSS 0.02557
Exploits 3
OSV
added 2024/01/12 3:15 p.m. · 3 views

CVE-2023-49261

The "tokenKey" value used in user authorization is visible in the HTML source of the login page...

CVSS 7.5 · AI score 5.8 · EPSS 0.00556
Exploits 0 · References 2
CNNVD
added 2024/01/12 12:00 a.m. · 4 views

Hongdian Router H8951-4G-ESP Security Vulnerability

The Hongdian Router H8951-4G-ESP is a wireless router from Hongdian, China. A security vulnerability exists in the Hongdian Router H8951-4G-ESP prior to version 2310271149, which stems from the "tokenKey" value used in user authorization being visible in the HTML source code of the login page...

CVSS 9.8 · AI score 6.8 · EPSS 0.00556
Exploits 0 · References 3
Positive Technologies
added 2024/01/12 12:00 a.m. · 3 views

PT-2024-13718 · Hongdian · H8951-4G-Esp +1

Name of the Vulnerable Software and Affected Versions: Software affected versions not specified Description: The issue concerns the visibility of the tokenKey value used in user authorization within the HTML source of the login page. This could potentially expose sensitive information...

CVSS 9.8 · AI score 7.2 · EPSS 0.00556
Exploits 0 · References 6
OpenVAS
added 2021/06/20 12:00 a.m. · 19 views

Fedora: Security Advisory for dogtag-pki (FEDORA-2021-99ca984f32)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.8 · AI score 7.7 · EPSS 0.00183
Exploits 0 · References 2
OpenVAS
added 2021/06/20 12:00 a.m. · 20 views

Fedora: Security Advisory for pki-core (FEDORA-2021-54a73a7112)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.8 · AI score 7.7 · EPSS 0.00183
Exploits 0 · References 2
OpenVAS
added 2021/06/20 12:00 a.m. · 18 views

Fedora: Security Advisory for dogtag-pki (FEDORA-2021-54a73a7112)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.8 · AI score 7.7 · EPSS 0.00183
Exploits 0 · References 2
Fedora
added 2021/06/18 1:10 a.m. · 34 views

[SECURITY] Fedora 33 Update: pki-core-10.10.6-1.fc33

Dogtag PKI is an enterprise software system designed to manage enterprise Public Key Infrastructure deployments. PKI consists of the following components: Automatic Certificate Management Environment (ACME) Responder, Certificate Authority (CA), Key Recovery Authority (KRA), Online Certificate Status...

CVSS 7.8 · AI score 2.2 · EPSS 0.00183
Exploits 0
Fedora
added 2021/06/18 1:10 a.m. · 45 views

[SECURITY] Fedora 33 Update: dogtag-pki-10.10.6-1.fc33

Dogtag PKI is an enterprise software system designed to manage enterprise Public Key Infrastructure deployments. PKI consists of the following components: Automatic Certificate Management Environment (ACME) Responder, Certificate Authority (CA), Key Recovery Authority (KRA), Online Certificate Status...

CVSS 7.8 · AI score 2.2 · EPSS 0.00183
Exploits 0
Fedora
added 2021/06/18 1:08 a.m. · 40 views

[SECURITY] Fedora 34 Update: dogtag-pki-10.10.6-1.fc34

Dogtag PKI is an enterprise software system designed to manage enterprise Public Key Infrastructure deployments. PKI consists of the following components: Automatic Certificate Management Environment (ACME) Responder, Certificate Authority (CA), Key Recovery Authority (KRA), Online Certificate Status...

CVSS 7.8 · AI score 2.2 · EPSS 0.00183
Exploits 0
Fedora
added 2021/06/18 1:08 a.m. · 28 views

[SECURITY] Fedora 34 Update: pki-core-10.10.6-1.fc34

Dogtag PKI is an enterprise software system designed to manage enterprise Public Key Infrastructure deployments. PKI consists of the following components: Automatic Certificate Management Environment (ACME) Responder, Certificate Authority (CA), Key Recovery Authority (KRA), Online Certificate Status...

CVSS 7.8 · AI score 2.2 · EPSS 0.00183
Exploits 0
Fedora
added 2021/03/20 1:15 a.m. · 81 views

[SECURITY] Fedora 33 Update: pki-core-10.10.5-5.fc33

Dogtag PKI is an enterprise software system designed to manage enterprise Public Key Infrastructure deployments. PKI consists of the following components: Automatic Certificate Management Environment (ACME) Responder, Certificate Authority (CA), Key Recovery Authority (KRA), Online Certificate Status...

CVSS 8.1 · AI score 2.2 · EPSS 0.01187
Exploits 0