Lucene search

84 matches found

RedhatCVE
added 2026/03/26 3:6 p.m., 0 views

CVE-2026-22176

OpenClaw versions prior to 2026.2.19 contain a command injection vulnerability in Windows Scheduled Task script generation where environment variables are written to gateway.cmd using unquoted set KEY=VALUE assignments, allowing shell metacharacters to break out of assignment context. Attackers c...

CVSS 7.8, AI score 6.1, EPSS 0.00053
Exploits 0, References 1
Positive Technologies
added 2026/03/23 12:0 a.m., 1 views

PT-2026-27221

OpenClaw versions prior to 2026.2.18 contain a command injection vulnerability in Windows Scheduled Task script generation where environment variables are written unquoted to gateway.cmd, allowing shell metacharacters to break out of assignment context. Attackers can inject arbitrary commands...

CVSS 7.4, AI score 6
Exploits 0, References 4
OSV
added 2026/03/19 2:16 a.m., 0 views

CVE-2026-31994

OpenClaw versions prior to 2026.2.19 contain a local command injection vulnerability in Windows scheduled task script generation due to unsafe handling of cmd metacharacters and expansion-sensitive characters in gateway.cmd files. Local attackers with control over service script generation...

CVSS 7.8, AI score 6.2
Exploits 0, References 3
OSV
added 2026/03/19 2:16 a.m., 0 views

CVE-2026-22176

OpenClaw versions prior to 2026.2.19 contain a command injection vulnerability in Windows Scheduled Task script generation where environment variables are written to gateway.cmd using unquoted set KEY=VALUE assignments, allowing shell metacharacters to break out of assignment context. Attackers c...

CVSS 7.8, AI score 6.2
Exploits 0, References 3
Cvelist
added 2026/03/19 1:0 a.m., 22 views

CVE-2026-31994 OpenClaw < 2026.2.19 - Local Command Injection via Unsafe cmd Argument Handling in Windows Scheduled Task Script Generation

OpenClaw versions prior to 2026.2.19 contain a local command injection vulnerability in Windows scheduled task script generation due to unsafe handling of cmd metacharacters and expansion-sensitive characters in gateway.cmd files. Local attackers with control over service script generation...

CVSS 7.1, EPSS 0.00053
Exploits 0, References 3
CVE
added 2026/03/19 1:0 a.m., 11 views

CVE-2026-22176

OpenClaw before version 2026.2.19 contains a command injection in Windows Scheduled Task script generation. The flaw stems from unquoted environment variable assignments written to gateway.cmd (e.g., set KEY=VALUE), allowing metacharacters like &, |, ^, %, or ! to break out of assignment and enab...

CVSS 7.8, AI score 6.1, EPSS 0.00053
Exploits 0, References 3, Affected Software 1
OSV
added 2026/03/03 9:50 p.m., 3 views

GHSA-PJ5X-38RW-6FPH OpenClaw has a Command Injection via unescaped environment assignments in Windows Scheduled Task script generation

Summary A command injection vulnerability existed in Windows Scheduled Task script generation for OpenClaw. Environment values were written into gateway.cmd using unquoted set KEY=VALUE, which allowed Windows shell metacharacters in config-provided environment variables to break out of assignment...

CVSS 7.1, AI score 6, EPSS 0.00053
Exploits 0, References 5
Positive Technologies
added 2026/03/03 12:0 a.m., 2 views

PT-2026-26221

Summary A command injection vulnerability existed in Windows Scheduled Task script generation for OpenClaw. Environment values were written into gateway.cmd using unquoted set KEY=VALUE, which allowed Windows shell metacharacters in config-provided environment variables to break out of assignment...

CVSS 7.8, AI score 5.8, EPSS 0.00053
Exploits 0, References 10
RedhatCVE
added 2026/01/09 11:24 a.m., 5 views

CVE-2021-31989

A user with permission to log on to the machine hosting the AXIS Device Manager client could under certain conditions extract a memory dump from the built-in Windows Task Manager application. The memory dump may potentially contain credentials of connected Axis devices...

CVSS 5.3, AI score 6.8, EPSS 0.00138
Exploits 0, References 1
Rapid7 Blog
added 2025/11/07 7:46 p.m., 7 views

Metasploit Wrap-Up 11/07/2025

New module content 3 Centreon authenticated command injection leading to RCE via broker engine "reload" parameter Author: h00die-gr3y [email protected] Type: Exploit Pull request: 20672 contributed by h00die-gr3y Path: linux/http/centreonauthrcecve20255946 AttackerKB reference: CVE-2025-5946...

CVSS 7.2, AI score 8.1, EPSS 0.3233
Exploits 2
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2019-1589

Malware in sbrugna...

CVSS 7.8, AI score 6.5, EPSS 0.00439
Exploits 0, References 2
EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2021-18861

Malware in sbrugna...

CVSS 5.3, AI score 5.6, EPSS 0.00138
Exploits 0, References 2
EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2015-2621

Malware in sbrugna...

CVSS 7.2, AI score 6.1, EPSS 0.0126
Exploits 0, References 6
EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2024-43935

Malicious code in bioql PyPI...

CVSS 7.8, AI score 6.2, EPSS 0.00201
Exploits 0, References 1
EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2023-25708

Malicious code in bioql PyPI...

CVSS 7.8, AI score 7.9, EPSS 0.0039
Exploits 0, References 1
Cvelist
added 2025/06/10 5:2 p.m., 10 views

CVE-2025-33067 Windows Task Scheduler Elevation of Privilege Vulnerability

...

CVSS 8.4, EPSS 0.00816
Exploits 0, References 1
CVE
added 2025/06/10 5:2 p.m., 77 views

CVE-2025-33067

CVE-2025-33067 — Windows Kernel local privilege escalation due to improper privilege management. Affects the Windows Kernel; attacker can gain elevated rights locally with no user interaction. CVSSv3.1 base score 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Connected sources confirm the impact as l...

CVSS 8.4, AI score 8.3, EPSS 0.00816
Exploits 0, References 1, Affected Software 13
Vulnrichment
added 2025/06/10 5:2 p.m., 11 views

CVE-2025-33067 Windows Task Scheduler Elevation of Privilege Vulnerability

...

CVSS 8.4, AI score 7.2, EPSS 0.00816
Exploits 0, References 1
Microsoft CVE
added 2025/06/10 7:0 a.m., 10 views

Windows Task Scheduler Elevation of Privilege Vulnerability

Improper privilege management in Windows Kernel allows an unauthorized attacker to elevate privileges locally...

CVSS 8.4, AI score 7.3, EPSS 0.00816
Exploits 0
Kaspersky
added 2025/06/10 12:0 a.m., 17 views

KLA84760 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, gain privileges, execute arbitrary code, cause denial of service, spoof user interface. Below is a complete list of...

CVSS 8.8, AI score 9.7, EPSS 0.50282
Exploits 18, References 73