Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.13 views

RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.5 Product Security Update (Critical) (RHSA-2026:28376)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:28376 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers ca...

9.6CVSS6AI score0.0037EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.8 views

RHEL 9 : Red Hat Ansible Automation Platform 2.6 Product Security Update (Critical) (RHSA-2026:28377)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:28377 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can...

9.6CVSS6AI score0.0037EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/23 6:53 p.m.7 views

Critical: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security Update

An update is now available for Red Hat Ansible Automation Platform 2.5 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.6CVSS5.9AI score0.0037EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/23 6:39 p.m.7 views

Critical: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Product Security Update

An update is now available for Red Hat Ansible Automation Platform 2.6 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.6CVSS5.9AI score0.0037EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/15 10:3 a.m.9 views

CVE-2026-34023 Broken WebSocket authorization in Wertheim SafeController Software allows cross-branch access to restricted functions

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains an incorrect authorization vulnerability in the WebSocket communication used by the SafeController WebMessageBroker. An authenticated attacker with valid low-privileged branch user credentials can manipulate WebSocket...

7.1CVSS5.3AI score0.00335EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/15 10:3 a.m.33 views

CVE-2026-34023 Broken WebSocket authorization in Wertheim SafeController Software allows cross-branch access to restricted functions

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains an incorrect authorization vulnerability in the WebSocket communication used by the SafeController WebMessageBroker. An authenticated attacker with valid low-privileged branch user credentials can manipulate WebSocket...

7.1CVSS0.00335EPSS
Exploits1References2
CVE
CVE
added 2026/06/15 10:3 a.m.55 views

CVE-2026-34023

The CVE-2026-34023 issue affects Wertheim SafeController Software (AssemblyVersion 6.15.8328.28014) and is caused by an incorrect authorization in the WebSocket communication used by the SafeController WebMessageBroker. An authenticated attacker with low-privilege branch credentials can manipulat...

7.1CVSS5.4AI score0.00335EPSS
Exploits1References3
NVD
NVD
added 2026/06/12 10:16 p.m.10 views

CVE-2026-53821

OpenClaw before 2026.5.18 accepts WebSocket client-declared operator scopes before binding to server-approved pairing or trusted-proxy authorization baseline. Unpaired or restricted trusted-proxy Control UI clients can obtain cached operator.admin authority on live WebSocket connections to execut...

8.8CVSS0.00289EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/13 8:55 p.m.4 views

Missing Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Missing Authorization via the WebSocket connection. An attacker can gain unauthorized access to elevated gateway operations by presenting client-declared scopes that are not properly boun...

9.9CVSS5.8AI score0.00505EPSS
Exploits0References2
Rows per page
Query Builder