5 matches found
OpenClaw Security Vulnerability
OpenClaw is an open-source artificial intelligence assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.28 contained security vulnerabilities. These vulnerabilities stemmed from accepting unlimited concurrent unauthenticated WebSocket upgrades, which could allow unauthenticated...
OpenClaw: Gateway WebSocket Denial of Service via unbounded pre-auth upgrades
Summary: The gateway accepted unbounded concurrent unauthenticated WebSocket upgrades before allocating them to an authenticated session budget. Impact: An unauthenticated network attacker could consume socket and worker capacity and disrupt WebSocket availability for legitimate clients. Affected...
WordPress myCred plugin <= 2.7.3 - Missing Authorization to Unauthenticated Database Upgrade vulnerability
Missing Authorization to Unauthenticated Database Upgrade vulnerability discovered by Mika in WordPress Plugin myCred versions <= 2.7.3...
Cisco Enterprise NFV Infrastructure Software Data Forgery Vulnerability
Cisco Enterprise NFV Infrastructure Software (NFVIS) is a suite of NFV infrastructure software platforms from Cisco. The platform enables full lifecycle management of virtualized services through a central orchestrator and controller. Cisco Enterprise NFV Infrastructure Software is vulnerable to a...
CVE-2007-2375
The agent remote upgrade interface in Symantec Enterprise Security Manager (ESM) before 20070405 does not verify the authenticity of upgrades, which allows remote attackers to execute arbitrary code via software that implements the agent upgrade protocol...