CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

33 matches found

OSV•added 2026/04/24 3:16 p.m.•1 views

DEBIAN-CVE-2026-31641

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix RxGK token loading to check bounds rxrpcpreparsexdryfsrxgk reads the raw key length and ticket length from the XDR token as u32 values and passes each through roundupx, 4 before using the rounded value for validation a...

7.8CVSS5.7AI score0.00015EPSS

Exploits0References1

CVE•added 2026/02/19 10:55 p.m.•8 views

CVE-2026-26326

CVE-2026-26326 affects the OpenClaw OpenClaw AI assistant. Before version 2026.2.14, the function skills.status could disclose secrets to operator.read clients by returning raw resolved config values in configChecks for requires.config paths. The fix in 2026.2.14 stops including raw resolved conf...

5.3CVSS5.6AI score0.00014EPSS

Exploits0References4Affected Software1

OSV•added 2026/02/17 9:43 p.m.•2 views

GHSA-8MH7-PHF8-XGFM OpenClaw skills.status could leak secrets to operator.read clients

Summary skills.status could disclose secrets to operator.read clients by returning raw resolved config values in configChecks for skill requires.config paths. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.2.14...

5.3CVSS5.6AI score0.00014EPSS

Exploits0References6

Positive Technologies•added 2026/02/17 12:0 a.m.•2 views

PT-2026-20960

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.2.14 Description The skills.status function could reveal sensitive information to clients with operator.read access. This occurred because the function returned raw resolved config values within configChecks for...

5.3CVSS5.4AI score0.00014EPSS

Exploits0References17

OSV•added 2026/02/04 9:37 p.m.•1 views

CVE-2026-25538 Devtron Attributes API Unauthorized Access Leading to API Token Signing Key Leakage

Devtron is an open source tool integration platform for Kubernetes. In version 2.0.0 and prior, a vulnerability exists in Devtron's Attributes API interface, allowing any authenticated user including low-privileged CI/CD Developers to obtain the global API Token signing key by accessing the...

8.7CVSS5.5AI score0.00022EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-3999

Malicious code in bioql PyPI...

8.7CVSS6.4AI score0.00115EPSS

Exploits0References2

OpenVAS•added 2024/03/08 12:0 a.m.•30 views

Fedora: Security Advisory for dogtag-pki (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.2AI score0.46427EPSS

Exploits3References2

Fedora•added 2024/03/07 10:33 p.m.•29 views

[SECURITY] Fedora 40 Update: dogtag-pki-11.5.0-3.fc40

Dogtag PKI is an enterprise software system designed to manage enterprise Public Key Infrastructure deployments. Dogtag PKI consists of the following components: Certificate Authority CA Key Recovery Authority KRA Online Certificate Status Protocol OCSP Manager Token Key Service TKS Token...

8.8CVSS6.8AI score0.46427EPSS

Exploits3

OSV•added 2024/01/12 3:15 p.m.•0 views

CVE-2023-49261

The "tokenKey" value used in user authorization is visible in the HTML source of the login page...

7.5CVSS5.8AI score0.00092EPSS

Exploits0References2

Positive Technologies•added 2024/01/12 12:0 a.m.•2 views

PT-2024-13718 · Hongdian · H8951-4G-Esp +1

Name of the Vulnerable Software and Affected Versions: Software affected versions not specified Description: The issue concerns the visibility of the tokenKey value used in user authorization within the HTML source of the login page. This could potentially expose sensitive information...

9.8CVSS7.2AI score0.00092EPSS

Exploits0References6

CNNVD•added 2024/01/12 12:0 a.m.•1 views

Hongdian Router H8951-4G-ESP Security Vulnerability

The Hongdian Router H8951-4G-ESP is a wireless router from Hongdian, China. A security vulnerability exists in the Hongdian Router H8951-4G-ESP prior to version 2310271149, which stems from the "tokenKey" value used in user authorization being visible in the HTML source code of the login page...

9.8CVSS6.8AI score0.00092EPSS

Exploits0References3

OpenVAS•added 2021/06/20 12:0 a.m.•18 views

Fedora: Security Advisory for dogtag-pki (FEDORA-2021-99ca984f32)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS7.7AI score0.00018EPSS

Exploits0References2

OpenVAS•added 2021/06/20 12:0 a.m.•19 views

Fedora: Security Advisory for pki-core (FEDORA-2021-54a73a7112)

7.8CVSS7.7AI score0.00018EPSS

Exploits0References2

OpenVAS•added 2021/06/20 12:0 a.m.•16 views

Fedora: Security Advisory for dogtag-pki (FEDORA-2021-54a73a7112)

7.8CVSS7.7AI score0.00018EPSS

Exploits0References2

Fedora•added 2021/06/18 1:10 a.m.•28 views

[SECURITY] Fedora 33 Update: pki-core-10.10.6-1.fc33

Dogtag PKI is an enterprise software system designed to manage enterprise Public Key Infrastructure deployments. PKI consists of the following components: Automatic Certificate Management Environment ACME Responder Certificate Authority CA Key Recovery Authority KRA Online Certificate Status...

7.8CVSS2.2AI score0.00018EPSS

Exploits0

Fedora•added 2021/06/18 1:10 a.m.•38 views

[SECURITY] Fedora 33 Update: dogtag-pki-10.10.6-1.fc33

7.8CVSS2.2AI score0.00018EPSS

Exploits0

Fedora•added 2021/06/18 1:8 a.m.•27 views

[SECURITY] Fedora 34 Update: pki-core-10.10.6-1.fc34

7.8CVSS2.2AI score0.00018EPSS

Exploits0

Fedora•added 2021/06/18 1:8 a.m.•32 views

[SECURITY] Fedora 34 Update: dogtag-pki-10.10.6-1.fc34