CVE-2026-53832

OpenClaw before 2026.5.18 contains an identity header validation vulnerability allowing local same-host callers to forge trusted-proxy identity headers. Attackers with access to the proxy-facing Gateway port can supply forged identity headers to assume operator identity and potentially escalate...

CVE-2026-53839 OpenClaw < 2026.5.7 - Hostname Prefix Matching Bypass in Trusted Retry Endpoint Validation

OpenClaw before 2026.5.7 contains a hostname validation vulnerability in retry endpoint checks that allows matching hostname prefixes instead of exact hostnames. Attackers can exploit this by crafting a hostname prefix resembling a trusted host to send authentication material to untrusted endpoin...

CVE-2026-53839 OpenClaw < 2026.5.7 - Hostname Prefix Matching Bypass in Trusted Retry Endpoint Validation

OpenClaw before 2026.5.7 contains a hostname validation vulnerability in retry endpoint checks that allows matching hostname prefixes instead of exact hostnames. Attackers can exploit this by crafting a hostname prefix resembling a trusted host to send authentication material to untrusted endpoin...

CVE-2026-53837 OpenClaw < 2026.5.6 - Missing Channel Type Validation in Mattermost Event Handlers

OpenClaw before 2026.5.6 contains an improper access control vulnerability in Mattermost event handlers that fails to validate channel type metadata. Attackers can bypass intended DM policy decisions by sending crafted Mattermost events missing channel type information to process restricted conte...

CVE-2026-54393

A stored cross-site scripting vulnerability exists in MISP when the Overmind theme is used. The setHomePage endpoint previously saved the user-controlled path value through setSettingInternal, bypassing the normal setSetting validation logic, including validatehomepage, which requires homepage...

CVE-2026-54398 MISP object edit authorization bypass allows unauthorized sharing group assignment

An authorization flaw in MISP’s object add/edit handling allowed an authenticated user with object editing permissions to assign a MISP object, or attributes contained within an object, to a sharing group that the user was not authorized to use or view. When editing objects, the sharing group...

CVE-2026-54398

CVE-2026-54398 describes an authorization flaw in MISP's object add/edit handling where an authenticated user with object editing permissions can assign objects or their attributes to a sharing group they are not authorized to view. The root cause is that during object edits the sharing group val...

CVE-2026-54397

MISP CVE-2026-54397 affects the non-REST event editing path. An authenticated user with event edit permissions could tamper with submitted form data to assign an event to a sharing_group_id the user is not authorized to use when distribution is set to sharing group distribution. The non-REST save...

CVE-2026-54397 MISP event editing allows unauthorized assignment to undisclosed sharing groups

A vulnerability in MISP’s non-REST event editing path allowed an authenticated user with event edit permissions to manipulate the submitted form data and set an event’s sharinggroupid to a sharing group they were not authorized to use. When distribution was set to sharing group distribution, the...

CVE-2026-54396 MISP AuthKey edit endpoint allows authenticated user email enumeration

An information disclosure vulnerability exists in the MISP AuthKey edit functionality. When a validation error occurs during an AuthKey edit request, the user dropdown was populated using the attacker-controlled AuthKey.userid value from the submitted request data. An authenticated user with...

CVE-2026-54396

CVE-2026-54396 describes an information disclosure in the MISP AuthKey edit functionality. When a validation error occurs, the user dropdown was populated from the attacker-controlled AuthKey.user_id in the submitted request, enabling an authenticated user with edit permission to enumerate user e...

CVE-2026-45013 Apostrophe has a Weak Password Recovery Mechanism for Forgotten Password and Improper Input Validation

ApostropheCMS is an open-source Node.js content management system. Versions up to and including 4.29.0 have a password reset flow that constructs the reset URL using req.hostname, which is derived directly from the attacker-controlled HTTP Host header when apos.baseUrl is not explicitly configure...

CVE-2026-45012 Apostrophe has authenticated SSRF in rich-text widget import via @apostrophecms/area/validate-widget

ApostropheCMS is an open-source Node.js content management system. Versions up to and including 4.29.0 contain an authenticated server-side request forgery SSRF in the rich-text widget import flow. An authenticated user who can submit/edit rich-text widget content can cause the server to fetch...

EUVD-2026-36563

MISP contains a path traversal vulnerability in OrganisationsController::getOrgLogo. The vulnerable code builds organisation logo file paths using organisation-controlled fields such as id, name, and uuid without ensuring that the resolved file remains inside the intended APP/files/img/orgs/...

CVE-2026-54393 MISP Overmind theme stored XSS via unvalidated homepage setting

A stored cross-site scripting vulnerability exists in MISP when the Overmind theme is used. The setHomePage endpoint previously saved the user-controlled path value through setSettingInternal, bypassing the normal setSetting validation logic, including validatehomepage, which requires homepage...

CVE-2026-54393 MISP Overmind theme stored XSS via unvalidated homepage setting

A stored cross-site scripting vulnerability exists in MISP when the Overmind theme is used. The setHomePage endpoint previously saved the user-controlled path value through setSettingInternal, bypassing the normal setSetting validation logic, including validatehomepage, which requires homepage...

EUVD-2026-36581

A stored cross-site scripting vulnerability exists in MISP when the Overmind theme is used. The setHomePage endpoint previously saved the user-controlled path value through setSettingInternal, bypassing the normal setSetting validation logic, including validatehomepage, which requires homepage...

CVE-2026-54393

CVE-2026-54393 describes a stored XSS in MISP when the Overmind theme is active. The vulnerability stems from the setHomePage endpoint saving user-supplied paths via setSettingInternal(), bypassing validation in setSetting() (including validate_homepage that enforces a leading “/”). The attacker-...

CVE-2026-50552

Koel is a free, open-source music streaming solution. Prior to version 9.7.1, Koel contains a Server-Side Request Forgery SSRF vulnerability in the radio station creation endpoint POST /api/radio/stations. The url field validation rules are declared without the bail keyword, so the...

Radius Controller May Delete a Container Resource via an Injected Deployment Annotation (Multi-Tenant Installs)

Radius Controller May Delete a Container Resource via an Injected Deployment Annotation Multi-Tenant Installs Summary A configuration-validation issue in the Radius Kubernetes controller can cause it to issue a DELETE for the container resource referenced by a tampered radapp.io/status annotation...