CVE-2026-32310

** vulnerability overview \n\nCryptomator prior to 1.19.1 parses vault configuration before verifying its integrity, and the masterkeyfile loader uses an unverified keyId as a filesystem path. The code resolves keyId.getSchemeSpecificPart() against the vault path and immediately checks existence,...

OpenClaw Data Forgery Problem Vulnerability (CNVD-2026-13591)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a Data Forgery Issue vulnerability that stems from an unverified webhook key in Telegram webhook mode, which can be exploited by an attacker to forge Telegram updates to bypass the sender permission li...

OpenClaw 数据伪造问题漏洞

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a Data Forgery Issue vulnerability that stems from an unverified webhook key in Telegram webhook mode, which can be exploited by an attacker to forge Telegram updates to bypass the sender permission li...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unverified relocation tree root key that could result in a stack dump...

CVE-2025-46675

In NASA CryptoLib before 1.3.2, the key state is not checked before use, potentially leading to spacecraft hijacking...

Design/Logic Flaw

light-oauth2 before version 2.1.27 obtains the public key without any verification. This could allow attackers to authenticate to the application with a crafted JWT token...