Lucene search
K

131179 matches found

CNVD
CNVD
•added 2026/03/25 12:0 a.m.•6 views

Google Chrome Security Bypass Vulnerability (CNVD-2026-16149)

Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome, which can be exploited by attackers to bypass navigation restrictions via specially crafted HTML pages...

6.5CVSS5.8AI score0.0016EPSS
Exploits0
CNVD
CNVD
•added 2026/03/25 12:0 a.m.•7 views

Google Chrome Security Bypass Vulnerability (CNVD-2026-16148)

Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome, which can be exploited by attackers to disclose cross-domain data via specially crafted HTML pages...

6.5CVSS5.7AI score0.00171EPSS
Exploits0
CNVD
CNVD
•added 2026/03/25 12:0 a.m.•2 views

Google Chrome Security Bypass Vulnerability (CNVD-2026-15396)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability that is caused due to insufficient policy enforcement in PDF. An attacker can exploit the vulnerability to bypass security restrictions...

7.5CVSS5.9AI score0.00183EPSS
Exploits0
CNVD
CNVD
•added 2026/03/25 12:0 a.m.•4 views

Google Chrome Information Disclosure Vulnerability (CNVD-2026-16150)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from an information disclosure vulnerability that can be exploited by attackers to disclose cross-domain data via specially crafted HTML pages...

3.1CVSS5.7AI score0.00164EPSS
Exploits0
CNVD
CNVD
•added 2026/03/25 12:0 a.m.•8 views

Microsoft Office Code Execution Vulnerability (CNVD-2026-16159)

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, and so on. A code execution vulnerability exists in Microsoft Office, which can be exploited by an attacker to...

8.4CVSS6.3AI score0.00545EPSS
Exploits0
CNVD
CNVD
•added 2026/03/25 12:0 a.m.•5 views

Google Chrome Security Bypass Vulnerability (CNVD-2026-15408)

Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome due to insufficient policy enforcement in DevTools, which can be exploited by attackers to bypass security restrictions...

4.3CVSS5.9AI score0.00166EPSS
Exploits0
CNVD
CNVD
•added 2026/03/25 12:0 a.m.•4 views

Google Chrome Security Bypass Vulnerability (CNVD-2026-15398)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability caused by insufficient policy enforcement in DevTools, which can be exploited by an attacker to bypass navigation restrictions via specially crafted HTML pages...

5.3CVSS5.9AI score0.00163EPSS
Exploits0
CNVD
CNVD
•added 2026/03/25 12:0 a.m.•8 views

Google Chrome Security Bypass Vulnerability (CNVD-2026-15411)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability caused by an incorrect security UI in PictureInPicture, which can be exploited by an attacker to perform UI spoofing via specially crafted HTML pages...

4.3CVSS5.9AI score0.00177EPSS
Exploits0
CNVD
CNVD
•added 2026/03/25 12:0 a.m.•9 views

Google Chrome Security Bypass Vulnerability (CNVD-2026-15409)

Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome, which is caused due to insufficient policy enforcement in PDF, and can be exploited by attackers to bypass security restrictions...

6.5CVSS5.9AI score0.00147EPSS
Exploits0
CNVD
CNVD
•added 2026/03/25 12:0 a.m.•24 views

Google Chrome Security Bypass Vulnerability (CNVD-2026-15410)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability that is caused by insufficient policy enforcement in the Extensions program. An attacker can exploit the vulnerability to conduct UI spoofing via a specially crafted Chrome...

4.3CVSS5.9AI score0.00123EPSS
Exploits0
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•5 views

Unspecified vulnerability in Discourse (CNVD-2026-17482)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse has a security vulnerability that can be exploited by an attacker to cause a legitimate Discourse authorization page to display...

7.5CVSS5.7AI score0.00208EPSS
Exploits0
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•4 views

Discourse Information Disclosure Vulnerability (CNVD-2026-17272)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from an information disclosure vulnerability that stems from a post edit management report disclosing the first 40...

2.7CVSS5.8AI score0.00293EPSS
Exploits0
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•3 views

OpenClaw Authorization Bypass Vulnerability (CNVD-2026-14835)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an authorization bypass vulnerability that stems from the system accepting variable sender display names instead of forcing an ID-only match. An attacker could use this vulnerability to bypass...

6.5CVSS5.9AI score0.00205EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•9 views

OpenClaw OS Command Injection Vulnerability (CNVD-2026-15060)

OpenClaw is an automation tool for executing system commands. A security vulnerability exists in versions of OpenClaw prior to 2026.2.22, which stems from a flaw in the security configuration of the sort tool after it is manually added to the tools.exec.safeBins configuration. An attacker can...

8.8CVSS6.1AI score0.00286EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•2 views

OpenClaw Metadata Spoofing Vulnerability

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a metadata forgery vulnerability that stems from client-submitted reconnect platform and device family fields not being bound to a device authentication signature. An attacker could use this...

8.6CVSS5.9AI score0.0019EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•4 views

OpenClaw Backlink Vulnerability

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a backlink vulnerability that can be exploited by an attacker to cause arbitrary file overwrites...

7.8CVSS6AI score0.00126EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•1 views

OpenClaw code issue vulnerability (CNVD-2026-14860)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a code issue vulnerability that can be exploited by an attacker to bypass the allow list check and execute a trojan binary...

7.8CVSS6AI score0.00128EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•4 views

OpenClaw Denial of Service Vulnerability (CNVD-2026-14825)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a denial of service vulnerability that stems from its BlueBubbles and Google Chat webhook handlers parsing request bodies before performing authentication and signature verification. An attacker could...

8.7CVSS5.9AI score0.00418EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•4 views

OpenClaw Authorization Bypass Vulnerability

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an authorization bypass vulnerability that can be exploited by an attacker to attack inherited elevated tool privileges via identifier conflict...

6.5CVSS5.9AI score0.0019EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•2 views

OpenClaw Authentication Bypass Vulnerability

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw there is an authentication bypass vulnerability , the vulnerability stems from the gateway authentication there is a path normalization mismatch problem , an attacker can use the vulnerability to bypass...

6.5CVSS5.9AI score0.00192EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•3 views

OpenClaw Authentication Strengthening Vulnerability

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an authentication hardening vulnerability that is due to an authentication hardening vulnerability in the browser-sourced WebSocket client in a loopback deployment. An attacker can exploit the...

7.5CVSS5.9AI score0.00294EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•2 views

OpenClaw backlink vulnerability (CNVD-2026-14861)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a backlink vulnerability that can be exploited by an attacker to read and write files outside the agent's workspace, which in turn can be used to execute code via a file overwrite attack...

8.8CVSS6AI score0.00639EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•4 views

OpenClaw OS Command Injection Vulnerability

OpenClaw is an automation tool for executing system commands. A security vulnerability exists in the system.run function in versions of OpenClaw prior to 2026.2.22, which stems from not effectively filtering environment variables such as SHELLOPTS and PS4. An attacker can exploit this vulnerabili...

7.5CVSS6.1AI score0.0053EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•3 views

OpenClaw Authorization Bypass Vulnerability (CNVD-2026-14837)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an authorization bypass vulnerability that stems from the system incorrectly treating DM paired stored identities as group allowlist identities when dmPolicy is set to pairing and groupPolicy is set to...

4.3CVSS5.9AI score0.00295EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•3 views

OpenClaw path traversal vulnerability (CNVD-2026-14856)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a path traversal vulnerability that can be exploited by an attacker to bypass group message access control...

7.1CVSS5.9AI score0.00238EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•3 views

OpenClaw Backlink Vulnerability (CNVD-2026-14858)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a backlink vulnerability that can be exploited by an attacker to read arbitrary files outside the boundaries of the configuration workspace...

7.5CVSS6AI score0.00327EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•2 views

OpenClaw has an unspecified vulnerability (CNVD-2026-14834)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw has a security vulnerability that stems from not enforcing dmPolicy and allowFrom authorization checks on Discord direct message response notifications, which can be exploited by an attacker to bypass DM...

6.3CVSS5.9AI score0.00198EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•5 views

OpenClaw Data Forgery Problem Vulnerability (CNVD-2026-14827)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a Data Forgery Issue vulnerability that stems from improperly parsing the X-Forwarded-For header value, which can be exploited by an attacker to spoof a client's IP address and influence security...

6.3CVSS5.9AI score0.00189EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•5 views

OpenClaw OS Command Injection Vulnerability (CNVD-2026-15059)

OpenClaw is an automation tool for executing system commands. An authentication bypass vulnerability exists in versions prior to OpenClaw 2026.2.21 that stems from the system failing to enforce secure authentication when the allowInsecureAuth setting is explicitly enabled and the gateway is expos...

8.1CVSS5.9AI score0.00381EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•6 views

OpenClaw Information Disclosure Vulnerability (CNVD-2026-14826)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an information disclosure vulnerability that stems from the failure of a sandbox mirroring tool to enforce the tools.fs.workspaceOnly restriction on mounted sandbox paths, which can be exploited by an...

6.5CVSS5.9AI score0.00315EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•8 views

OpenClaw Authorization Bypass Vulnerability (CNVD-2026-14841)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an authorization bypass vulnerability that is due to an authorization bypass vulnerability in the WebSocket connection path. An attacker can exploit the vulnerability to perform administrator-only...

9.9CVSS5.9AI score0.00505EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•5 views

OpenClaw path traversal vulnerability (CNVD-2026-14850)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a path traversal vulnerability that stems from the function accepting an arbitrary absolute path when the iMessage remote attachment fetch function is enabled. An attacker could use this vulnerability ...

8.2CVSS5.9AI score0.00344EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•4 views

OpenClaw path traversal vulnerability (CNVD-2026-14857)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a Path Validation Improperity vulnerability, which is caused by an incorrect path validation flaw in sandboxed media handling. An attacker can exploit the vulnerability to traverse a directory on a...

8.6CVSS6AI score0.00344EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•4 views

Unspecified vulnerability in Discourse (CNVD-2026-17483)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from a security vulnerability that stems from a user with tag editing privileges being able to edit and create synonyms...

3.8CVSS5.7AI score0.0016EPSS
Exploits0
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•4 views

OpenClaw backlink vulnerability (CNVD-2026-14859)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a backlink vulnerability, which is caused by a flaw in the static file handler following a symbolic link. An attacker can exploit the vulnerability to read arbitrary files outside the root directory...

5.5CVSS6AI score0.00131EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•4 views

OpenClaw has an unspecified vulnerability (CNVD-2026-14832)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that is caused by failing to pass the senderIsOwner flag when processing Discord voice transcription in agentCommand. An attacker could exploit the vulnerability to cause a voi...

5.9CVSS5.9AI score0.00139EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•27 views

Discourse Information Disclosure Vulnerability (CNVD-2026-17477)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from an information disclosure vulnerability that stems from the /private-posts endpoint not applying post type...

6.5CVSS5.7AI score0.00414EPSS
Exploits0
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•5 views

Discourse Information Disclosure Vulnerability (CNVD-2026-17271)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from an information disclosure vulnerability that originates when the ipaddress of a tagged user is exposed to any user...

4.3CVSS5.7AI score0.00284EPSS
Exploits0
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•6 views

Unspecified vulnerability in Discourse (CNVD-2026-17480)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from a security vulnerability that stems from improper privilege authentication, which can be exploited by an attacker ...

6.9CVSS5.7AI score0.0027EPSS
Exploits0
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•4 views

Unspecified vulnerability in Discourse (CNVD-2026-17481)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from a security vulnerability due to an overly broad authorization check on the deleted post index endpoint, which can ...

7.1CVSS5.8AI score0.00274EPSS
Exploits0
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•3 views

OpenClaw has an unspecified vulnerability (CNVD-2026-14830)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that stems from not consistently applying sender policy checks to reaction and pin non-message events, which can be exploited by an attacker to cause the injection of...

5.3CVSS5.9AI score0.00204EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•5 views

Discourse Information Disclosure Vulnerability (CNVD-2026-17478)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from an information disclosure vulnerability that originates from the disclosure of a user's hidden profile information...

6.5CVSS5.7AI score0.00302EPSS
Exploits0
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•3 views

OpenClaw has an unspecified vulnerability (CNVD-2026-14828)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw has a security vulnerability that stems from a standard input-only policy bypass issue in the grep tool in tools.exec.safeBins, which can be exploited by an attacker to read arbitrary files...

6.5CVSS6AI score0.00259EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•4 views

Discourse Information Disclosure Vulnerability (CNVD-2026-17479)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from an information disclosure vulnerability that stems from insufficient authorization checks on user-operated...

6.5CVSS5.7AI score0.00224EPSS
Exploits0
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•5 views

OpenClaw Authentication Bypass Vulnerability (CNVD-2026-14840)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an authentication bypass vulnerability that originates from allowing clients authenticated with a shared gateway token to connect as a role=node without device authentication. An attacker could use thi...

5.4CVSS5.9AI score0.00268EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•4 views

OpenClaw Authentication Bypass Vulnerability (CNVD-2026-14839)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an authentication bypass vulnerability caused by a /api/channels route classification flaw due to a mismatch in the depth of normalization between authentication path classification and route path...

8.3CVSS5.9AI score0.00297EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•7 views

OpenClaw path traversal vulnerability (CNVD-2026-14848)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a path traversal vulnerability that can be exploited by an attacker to read files outside of the workspace...

7.5CVSS5.9AI score0.00335EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•4 views

OpenClaw has an unspecified vulnerability (CNVD-2026-14838)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that stems from a failure to enforce sender authorization checks on interactive callbacks in shared workspace deployments, which can be exploited by an attacker to cause...

8.1CVSS5.9AI score0.00283EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•8 views

OpenClaw has an unspecified vulnerability (CNVD-2026-14829)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw has a security vulnerability that stems from an allowable list bypass issue with the exec safeBins policy, which can be exploited by an attacker to write to arbitrary files using a short option payload...

7.1CVSS6AI score0.00258EPSS
Exploits0References1
CNVD
CNVD
•added 2026/03/24 12:0 a.m.•3 views

OpenClaw Access Control Error Vulnerability (CNVD-2026-14842)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an Access Control Error vulnerability that is caused by a failure to properly handle authentication boot errors during startup. An attacker can exploit the vulnerability to cause a local process or...

7.8CVSS5.9AI score0.0011EPSS
Exploits0References1
Total number of security vulnerabilities131179