4 matches found
EUVD-2026-43566
OpenClaw @openclaw/feishu versions 2026.6.6 and earlier contain an incorrect authorization vulnerability in which the Feishu permission tools could ignore per-account disablement settings. When the affected feature is enabled and reachable, a lower-trust caller or configured input path could...
EUVD-2026-43565
OpenClaw Feishu tools npm package @openclaw/feishu in versions = 2026.6.6 could ignore per-account disablement. A lower-trust caller or a configured input path could perform actions that should have required a stronger authorization or policy check, resulting in unauthorized operations. The issue...
EUVD-2026-43571
OpenClaw versions 2026.6.5 before 2026.6.9 contain a vulnerability in the plugin install wrappers that could skip the install policy authorization check. When the affected feature is enabled and reachable, a lower-trust caller or a configured input path could execute or persist actions beyond the...
Reliance on Cookies without Validation and Integrity Checking
Overview yt-dlp is an A youtube-dl fork with additional features and patches Affected versions of this package are vulnerable to Reliance on Cookies without Validation and Integrity Checking via curl. An attacker can obtain sensitive cookie information by crafting a malicious website that embeds ...