CVE-2026-41354

OpenClaw before 2026.4.2 contains an insufficient scope vulnerability in Zalo webhook replay dedupe keys that allows legitimate events from different conversations or senders to collide. Attackers can exploit weak deduplication scoping to cause silent message suppression and disrupt bot workflows...

EUVD-2021-1738

Malware in sbrugna...

CVE-2025-52554 n8n Improper Authorization in Workflow Execution Stop Endpoint Allows Terminating Other Users’ Workflows

n8n is a workflow automation platform. Prior to version 1.99.1, an authorization vulnerability was discovered in the /rest/executions/:id/stop endpoint of n8n. An authenticated user can stop workflow executions that they do not own or that have not been shared with them, leading to potential...

CVE-2025-27153

Escalade GLPI plugin is a ticket escalation process helper for GLPI. Prior to version 2.9.11, there is an improper access control vulnerability. This can lead to data exposure and workflow disruptions. This issue has been patched in version 2.9.11...

CVE-2025-27153

CVE-2025-27153 concerns the Escalade GLPI plugin for GLPI. Prior to version 2.9.11, an improper access control vulnerability could allow exposure of data and disrupt workflows. The issue has been patched in version 2.9.11. The published metrics indicate a base CVSS v3.1 score of 6.5 (MEDIUM) with...

CVE-2021-37914

In Argo Workflows through 3.1.3, if EXPRESSIONTEMPLATES is enabled and untrusted users are allowed to specify input parameters when running workflows, an attacker may be able to disrupt a workflow because expression template output is evaluated...