Lucene search
K

5 matches found

CVE
CVE
added 2026/06/12 9:57 p.m.18 views

CVE-2026-53839

OpenClaw before 2026.5.7 has a hostname validation flaw in the retry endpoint checks that allows matching hostname prefixes instead of exact hostnames. This can enable an attacker to craft a hostname prefix that resembles a trusted host, potentially causing authentication material to be sent to u...

6.5CVSS5.3AI score0.00265EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/12 9:57 p.m.6 views

CVE-2026-53839 OpenClaw < 2026.5.7 - Hostname Prefix Matching Bypass in Trusted Retry Endpoint Validation

OpenClaw before 2026.5.7 contains a hostname validation vulnerability in retry endpoint checks that allows matching hostname prefixes instead of exact hostnames. Attackers can exploit this by crafting a hostname prefix resembling a trusted host to send authentication material to untrusted endpoin...

6.5CVSS5.3AI score0.00265EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 3:26 a.m.5 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the PFCP SessionReportRequest process when ReportType.USAR is set to 1 and the UsageReport omits the mandatory URRID sub-IE. An attacker can cause the service to crash and terminate by sending a specially...

8.7CVSS5.9AI score0.00302EPSS
Exploits1References2
NCSC
NCSC
added 2024/06/26 8:58 a.m.23 views

Vulnerabilities fixed in Progress MOVEit

Progress has fixed vulnerabilities in MOVEit Transfer and MOVEit Gateway. During the vulnerability investigation, a vulnerability was also discovered in an unnamed Third-Party component in use by MOVEit Transfer. The vulnerabilities are located in the SFTP module of the affected applications and...

9.8CVSS7.5AI score0.75812EPSS
Exploits3References2
Talos Blog
Talos Blog
added 2023/04/27 6:0 p.m.60 views

Threat Source newsletter (April 27, 2023) — New Cisco Secure offerings and extra security from Duo

Welcome to this weeks edition of the Threat Source newsletter. Im writing this earlier in the week as I get ready for some personal travel everyone is lucky I passed on writing another Cybersecurity Mock Draft, so apologies if I miss anything major that happens at RSA. But Cisco beat everyone to...

7.5CVSS10.3AI score0.99999EPSS
Exploits24
Rows per page
Query Builder