198 matches found
GHSA-CHQ7-94J8-CJ28 Jupyter Enterprise Gateway: ContainerProcessProxy._enforce_prohibited_ids Bypass
Summary Jupyter Enterprise Gateway has a prohibited UID and GID feature that by default prevents launching kernels with UID or GID 0 root. This can be bypassed. It is possible to launch kernels with a prohibited UID and/or GID by using a specially crafted KERNELUID or KERNELGID value. The feature...
Astra Linux - уязвимость в thunderbird
Thunderbird did not check whether the user ID associated with an OpenPGP key has a valid self-signature. An attacker may create a forged version of an OpenPGP key, either by replacing the original user ID or by adding another user ID. If Thunderbird imports and accepts the forged key, the...
Keycloak 安全漏洞
Keycloak is an open-source identity and access management solution developed by Keycloak itself. Keycloak has a security vulnerability, which stems from low-privilege administrators with the view-clients role being able to exploit the evaluate-scopes management API endpoint by passing arbitrary...
CVE-2026-45350 Open WebUI: Chat completion API allows tool restrictions to be bypassed
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.6, there is a vulnerability in chat completion API, which allows attackers to bypass tool restrictions, potentially enabling unauthorized actions or access. In the chatcompletion API, t...
EUVD-2026-26790
The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.1 via the '/dokan/v1/stores/id/reviews' REST API endpoint. This is due to the 'preparereviewsforresponse' method...
CVE-2026-35670 OpenClaw < 2026.3.22 - Webhook Reply Rebinding via Username Resolution in Synology Chat
OpenClaw before 2026.3.22 contains a webhook reply delivery vulnerability that allows attackers to rebind chat replies to unintended users by exploiting mutable username matching instead of stable numeric user identifiers. Attackers can manipulate username changes to redirect webhook-triggered...
VulnCheck KEV: CVE-2020-8497
In Artica Pandora FMS through 7.42, an unauthenticated attacker can read the chat history. The file is in JSON format and it contains user names, user IDs, private messages, and timestamps...
PT-2026-29694
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to upload PGP keys with UIDs that do not match their email address...
SEPPmail Secure Email Gateway 安全漏洞
SEPPmail Secure Email Gateway is an email security gateway developed by the German company SEPPmail. Versions of SEPPmail Secure Email Gateway prior to version 15.0.3 contained security vulnerabilities. These vulnerabilities stemmed from the ability for attackers to upload PGP keys whose user IDs...
EUVD-2026-14595
OpenClaw versions 2026.2.22 prior to 2026.2.24 contain an authorization bypass vulnerability in the synology-chat channel plugin where dmPolicy set to allowlist with empty allowedUserIds fails open. Attackers with Synology sender access can bypass authorization checks to dispatch unauthorized...
CVE-2026-32911
Rejected reason: This CVE ID has been rejected...
CVE-2026-32911
...
CVE-2026-33648 AVideo Vulnerable to OS Command Injection via Unsanitized `users_id` and `liveTransmitionHistory_id` in Restreamer Log File Path
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the restreamer endpoint constructs a log file path by embedding user-controlled usersid and liveTransmitionHistoryid values from the JSON request body without any sanitization. This log file path is then...
CVE-2026-31998
OpenClaw versions 2026.2.22 and 2026.2.23 contain an authorization bypass vulnerability in the synology-chat channel plugin where dmPolicy set to allowlist with empty allowedUserIds fails open. Attackers with Synology sender access can bypass authorization checks and trigger unauthorized agent...
OpenEMR 安全漏洞
OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0.2 contained security...
PT-2026-23006
Craft is a content management system CMS. Prior to 5.9.0-beta.2 and 4.17.0-beta.2, the actionSendActivationEmail endpoint is accessible to unauthenticated users and does not require a permission check for pending users. An attacker with no prior access can trigger activation emails for any pendin...
GHSA-GW85-XP4Q-5GP9 OpenClaw's Synology Chat dmPolicy=allowlist failed open on empty allowedUserIds, allowing unauthorized agent dispatch
Summary In openclaw versions 2026.2.22 and 2026.2.23, the optional synology-chat channel plugin had an authorization fail-open condition: when dmPolicy was allowlist and allowedUserIds was empty/unset, unauthorized senders were still allowed through to agent dispatch. This is assessed as medium...
Incorrect Authorization
Overview @openclaw/synology-chat is a Synology Chat channel plugin for OpenClaw Affected versions of this package are vulnerable to Incorrect Authorization in the synology-chat channel plugin when dmPolicy is set to allowlist and allowedUserIds is empty or unset. An attacker can trigger...
OpenClaw's Synology Chat dmPolicy=allowlist failed open on empty allowedUserIds, allowing unauthorized agent dispatch
Summary In openclaw versions 2026.2.22 and 2026.2.23, the optional synology-chat channel plugin had an authorization fail-open condition: when dmPolicy was allowlist and allowedUserIds was empty/unset, unauthorized senders were still allowed through to agent dispatch. This is assessed as medium...
GHSA-4CQV-H74H-93J4 OpenClaw has a Discord `allowFrom` slug-collision authorization bypass
OpenClaw supports Discord allowlists using either user IDs or names/tags. Name/tag matching depends on slug normalization, so different user tags can collide to the same slug and unintentionally satisfy a name-based allowlist entry. Affected Packages / Versions - Package: openclaw npm - Affected...