
366232 matches found

CVE
• added 2026/06/11 8:9 p.m. • 31 views

CVE-2026-53817

OpenClaw CVE-2026-53817 affects the Control UI pairing in OpenClaw, where locality validation is insufficient. This allows attackers with network access to spoof locality information and obtain durable admin-capable device tokens, converting temporary shared access into persistent administrative ...

CVSS 8.8 • AI score 5.5 • EPSS 0.00309
Exploits 0 • References 2 • Affected Software 1

CVE
• added 2026/06/11 8:9 p.m. • 18 views

CVE-2026-53816

OpenClaw before 2026.5.18 is affected by an insufficient provenance validation vulnerability in node event handling. A malicious or compromised paired node can send crafted node.event messages to the gateway, allowing forging of exec lifecycle events and steering target sessions into exec-event p...

CVSS 8.6 • AI score 5.5 • EPSS 0.00342
Exploits 0 • References 2 • Affected Software 1

CVE
• added 2026/06/11 8:8 p.m. • 18 views

CVE-2026-53815

OpenClaw is affected by an authorization bypass in the message read actions present before 2026.5.19. The root cause is insufficient validation that should enforce channel allowlists, allowing lower-trust callers to request messages from channels not intended for them and exposing potentially sen...

CVSS 7.1 • AI score 5.5 • EPSS 0.00215
Exploits 0 • References 2 • Affected Software 1

CVE
• added 2026/06/11 8:8 p.m. • 27 views

CVE-2026-53814

OpenClaw before 2026.5.20 contains a privilege-escalation vulnerability in which a hook-triggered agent runs with owner-scoped MCP loopback authority instead of the hook-appropriate scope. Attackers with a valid hook token can use the /hooks/agent endpoint to cause spawned CLI runtimes to access ...

CVSS 8.7 • AI score 5.5 • EPSS 0.00281
Exploits 0 • References 2 • Affected Software 1

CVE
• added 2026/06/11 8:8 p.m. • 13 views

CVE-2026-53813

OpenClaw is vulnerable prior to version 2026.4.25 due to a path traversal in memory-core artifact loading where workspace state influences local package root resolution. Attackers with access to affected workspaces can load memory-core artifacts from unintended local locations, potentially execut...

CVSS 7.8 • AI score 5.5 • EPSS 0.00114
Exploits 0 • References 2 • Affected Software 1

CVE
• added 2026/06/11 8:7 p.m. • 17 views

CVE-2026-53812

CVE-2026-53812 describes a server-side request forgery in OpenClaw’s browser control prior to version 2026.5.18. The vulnerability allows authenticated users to bypass private-network navigation checks by using Playwright act interactions, enabling navigation to private-network targets via action...

CVSS 7.7 • AI score 5.5 • EPSS 0.00247
Exploits 0 • References 2 • Affected Software 1

CVE
• added 2026/06/11 8:7 p.m. • 14 views

CVE-2026-53811

OpenClaw is affected up to version 2026.5.7. The vulnerability is a privilege escalation in the Matrix allowFrom feature caused by mutable display name metadata, allowing authenticated accounts to match policy entries and receive agent access intended for another Matrix identity. Depending on ope...

CVSS 8.8 • AI score 5.5 • EPSS 0.00309
Exploits 0 • References 2 • Affected Software 1

CVE
• added 2026/06/11 8:7 p.m. • 13 views

CVE-2026-53810

OpenClaw is affected by a code execution vulnerability present before version 2026.5.18. The issue arises from marketplace runtime extension metadata that can redirect loading to unscanned package payloads. Attackers with trusted operator access can manipulate extension metadata to load plugin co...

CVSS 8.8 • AI score 6 • EPSS 0.00419
Exploits 0 • References 2 • Affected Software 1

CVE
• added 2026/06/11 8:6 p.m. • 15 views

CVE-2026-53809

OpenClaw is affected: the vulnerability exists in the embedded runner policy prior to version 2026.4.25. The issue is a policy bypass caused by provider alias confusion, allowing requests to be evaluated against aliases instead of canonical provider identities. Exploitation could enable access to...

CVSS 4.8 • AI score 5.5 • EPSS 0.00093
Exploits 0 • References 2 • Affected Software 1

CVE
• added 2026/06/11 8:6 p.m. • 12 views

CVE-2026-53808

OpenClaw prior to 2026.5.6 contains an approval policy bypass in the Skill Workshop apply flow, allowing attacker-controlled agent tool calls to set apply: true despite approvalPolicy: pending. This enables modification of workshop configurations without proper authorization when the affected app...

CVSS 6.5 • AI score 5.4 • EPSS 0.00194
Exploits 0 • References 2 • Affected Software 1

CVE
• added 2026/06/11 8:5 p.m. • 15 views

CVE-2026-53807

OpenClaw prior to 2026.5.6 is vulnerable to an authorization bypass in Telegram interactive callbacks via commands.allowFrom. An authenticated user can invoke affected callbacks to bypass allowlist validation and mark themselves as authorized senders, enabling command behavior outside Telegram se...

CVSS 8.8 • AI score 5.5 • EPSS 0.00312
Exploits 0 • References 2 • Affected Software 1

CVE
• added 2026/06/11 8:5 p.m. • 13 views

CVE-2026-53806

OpenClaw vulnerability CVE-2026-53806 affects OpenClaw prior to version 2026.5.12. A shell option parsing flaw allows combined POSIX shell flags to bypass exec revalidation checks, enabling execution of inline shell content without the intended allowlist validation when the affected feature is en...

CVSS 8.8 • AI score 5.8 • EPSS 0.00419
Exploits 0 • References 2 • Affected Software 1

CVE
• added 2026/06/11 8:3 p.m. • 12 views

CVE-2026-41005

Cloud Foundry UAA (uaa_release 2.0.0–78.13.0) and CF Deployment up to 56.1.0 are affected by CVE-2026-41005, where XML encryption intended for confidentiality in SAML content was incorrectly treated as a substitute for XML signatures, enabling authentication bypass in two flows: OAuth 2.0 SAML2 b...

CVSS 9 • AI score 5.4 • EPSS 0.00131
Exploits 0 • References 1

CVE
• added 2026/06/11 7:49 p.m. • 12 views

CVE-2026-50005

CVE-2026-50005 affects Brickcom cameras that ship with default credentials, enabling any unauthenticated remote attacker to silently access camera feeds. The documented CVSS metrics indicate a HIGH impact with confidentiality and integrity concerns, Local attack vector, and no user interaction re...

CVSS 8.3 • AI score 5.5 • EPSS 0.00197
Exploits 0 • References 3

CVE
• added 2026/06/11 7:48 p.m. • 17 views

CVE-2026-50245

The CVE-2026-50245 entry concerns Brickcom cameras that expose live snapshot images unauthenticated through the ONVIF endpoint. The documented impact notes no authentication is required to retrieve still images from the camera feed, indicating a confidentiality and integrity risk to image data. C...

CVSS 8.3 • AI score 5.5 • EPSS 0.00156
Exploits 0 • References 3

CVE
• added 2026/06/11 7:17 p.m. • 14 views

CVE-2026-53782

CVE-2026-53782 affects Summarize

CVSS 7.4 • AI score 5.5 • EPSS 0.00265
Exploits 0 • References 4

CVE
• added 2026/06/11 7:11 p.m. • 10 views

CVE-2026-53781

The CVE affects the Summarize utility prior to version 0.17.0. Vulnerable path is the temp-file-based media download, where an unbounded response can be streamed via the download/response path, causing disk and resource exhaustion. Root cause: responses bypass the enforced size limit due to missi...

CVSS 5.3 • AI score 5.5 • EPSS 0.00329
Exploits 0 • References 4

CVE
• added 2026/06/11 7:4 p.m. • 15 views

CVE-2026-49973

CVE-2026-49973 affects Hermes WebUI prior to version 0.51.358. The issue is an improper access control in the settings API that allows unauthenticated remote attackers to hijack the initial setup by posting to the /api/settings endpoint using the _set_password parameter without origin restriction...

CVSS 9.4 • AI score 5.7 • EPSS 0.00543
Exploits 0 • References 5

CVE
• added 2026/06/11 6:59 p.m. • 30 views

CVE-2026-45802

CVE-2026-45802 affects FPDI, a PHP library that reads pages from existing PDFs to use as templates in FPDF. The issue, present in versions prior to 2.6.7, allows an attacker to upload a small malicious PDF that exhausts memory or triggers script timeouts, causing the server-side process to crash ...

CVSS 6 • AI score 5.4 • EPSS 0.00259
Exploits 0 • References 3

CVE
• added 2026/06/11 6:57 p.m. • 12 views

CVE-2026-45175

Idira Endpoint Privilege Manager Agent versions prior to 26.5 are affected by an improper access control in internal agent validation, potentially allowing a local attacker to bypass built‑in security controls and cryptographic validations, bypass agent self‑defense, and execute unauthorized oper...

CVSS 8.5 • AI score 5.5 • EPSS 0.00128
Exploits 0 • References 3 • Affected Software 1

CVE
• added 2026/06/11 6:55 p.m. • 23 views

CVE-2026-46489

SolidInvoice (open-source invoicing platform) contains CVE-2026-46489: before version 2.3.17, the logo upload feature accepts any file type without validation, allowing an authenticated administrator to upload an SVG containing embedded JavaScript. The script is base64-encoded and injected unesca...

CVSS 8.1 • AI score 5.1 • EPSS 0.0031
Exploits 0 • References 3

CVE
• added 2026/06/11 6:55 p.m. • 11 views

CVE-2026-49949

CodexBar

CVSS 6 • AI score 5.5 • EPSS 0.00253
Exploits 0 • References 4

CVE
• added 2026/06/11 6:55 p.m. • 9 views

CVE-2026-46622

SolidInvoice before v2.3.17 stores API tokens in plaintext in the api_tokens database table. If an attacker gains read access to the database (e.g., via SQL injection, leaked backups, misconfigured replicas, or insider access), they can immediately obtain all API credentials for every user with n...

CVSS 8.1 • AI score 5.5 • EPSS 0.00197
Exploits 0 • References 3

CVE
• added 2026/06/11 6:49 p.m. • 11 views

CVE-2026-47181

CVE-2026-47181 affects the PenguinMod-BackendApi, the backend API for PenguinMod. Prior to version 1.0.0, a NoSQL injection flaw in the password reset endpoint lets any authenticated user change the password of an account, enabling full account takeover. An attacker must have a registered account...

CVSS 8.7 • AI score 5.4 • EPSS 0.00251
Exploits 0 • References 1

CVE
• added 2026/06/11 6:49 p.m. • 11 views

CVE-2026-45176

CVE-2026-45176 affects Idira Endpoint Privilege Manager Agent versions prior to 26.5. The issue is improper access control in high-privileged agent components, allowing a local, low-privileged attacker to manipulate an internal communication mechanism or file operation and potentially bypass perm...

CVSS 8.9 • AI score 5.5 • EPSS 0.00124
Exploits 0 • References 3 • Affected Software 1

CVE
• added 2026/06/11 6:47 p.m. • 12 views

CVE-2025-30431

CVE-2025-30431 affects macOS Sequoia before 15.4, macOS Sonoma before 14.7.5, and macOS Ventura before 13.7.5. The issue stems from insufficient checks that could allow a malicious application to access private information. The vulnerability is addressed with fixes in Sequoia 15.4, Sonoma 14.7.5,...

CVSS 5.5 • AI score 5.4 • EPSS 0.00127
Exploits 0 • References 3 • Affected Software 1

CVE
• added 2026/06/11 6:47 p.m. • 11 views

CVE-2025-24268

The CVE-2025-24268 issue is tied to macOS Sequoia: a parsing problem in the handling of directory paths allowed an application to access sensitive user data. Root cause: inadequate path validation. Affected versions are prior to macOS Sequoia 15.4; the fix is implemented in Sequoia 15.4. Practica...

CVSS 5.5 • AI score 5.5 • EPSS 0.0014
Exploits 0 • References 1 • Affected Software 1

CVE
• added 2026/06/11 6:47 p.m. • 10 views

CVE-2025-43339

CVE-2025-43339 concerns an access issue in macOS Tahoe prior to 26.1 where a malicious app could access sensitive user data. The PT-2025-55367 entry corroborates this and states the vulnerability is mitigated by additional sandbox restrictions, with the fix available in macOS Tahoe 26.1. Affected...

CVSS 5.5 • AI score 5.4 • EPSS 0.00112
Exploits 0 • References 1 • Affected Software 1

CVE
• added 2026/06/11 6:47 p.m. • 10 views

CVE-2025-46293

The CVE-2025-46293 issue relates to macOS prior to Sequoia 15.4 where improper handling of symbolic links could allow an app to access protected user data. The root cause is described as improved handling of symlinks in Sequoia 15.4, which fixes the vulnerability. The fix is to update to macOS Se...

CVSS 5.5 • AI score 5.4 • EPSS 0.0014
Exploits 0 • References 1 • Affected Software 1

CVE
• added 2026/06/11 6:47 p.m. • 10 views

CVE-2025-46315

CVE-2025-46315 describes a permissions issue in macOS Tahoe prior to update. An application may be able to access protected user data due to insufficient restrictions. Affected software is macOS Tahoe; the fix is implemented in macOS Tahoe 26.1. Practical impact is high (C:H/I:N/A:N per CVSS 3.1 ...

CVSS 7.5 • AI score 5.4 • EPSS 0.0027
Exploits 0 • References 1 • Affected Software 1

CVE
• added 2026/06/11 6:47 p.m. • 13 views

CVE-2025-31272

CVE-2025-31272 affects macOS Sequoia (initially reported as a bypass of launch-constraint protections). The issue enables an app to bypass launch constraints and execute malicious code with elevated privileges. It is fixed in macOS Sequoia 15.4. Affected versions prior to Sequoia 15.4 are address...

CVSS 7.8 • AI score 5.6 • EPSS 0.00115
Exploits 0 • References 1 • Affected Software 1

CVE
• added 2026/06/11 6:47 p.m. • 10 views

CVE-2025-30459

The CVE-2025-30459 entry describes a privacy issue in macOS Sequoia where an application may access sensitive user data. A root cause is identified as the presence of vulnerable code that has been removed, with the fix shipped in macOS Sequoia 15.4. Affected software is macOS Sequoia (earlier tha...

CVSS 5.5 • AI score 5.5 • EPSS 0.00122
Exploits 0 • References 1 • Affected Software 1

CVE
• added 2026/06/11 6:47 p.m. • 10 views

CVE-2025-24284

Summary of CVE-2025-24284: A sandbox breakout vulnerability affecting macOS prior to Sequoia 15.4. The issue allows an application to break out of its sandbox, with the fixed version being macOS Sequoia 15.4. No exploit details are provided in the connected documents. Remediation is to upgrade to...

CVSS 8.8 • AI score 5.4 • EPSS 0.00127
Exploits 0 • References 1 • Affected Software 1

CVE
• added 2026/06/11 6:47 p.m. • 9 views

CVE-2025-24165

CVE-2025-24165 describes a permissions issue in macOS where an app may be able to cause unexpected system termination. The connected documents confirm the affected platforms are macOS Sequoia (15.4+), macOS Sonoma (14.7.5+), and macOS Ventura (13.7.5+). The underlying cause is a permissions-relat...

CVSS 5.5 • AI score 5.4 • EPSS 0.00121
Exploits 0 • References 3 • Affected Software 1

CVE
• added 2026/06/11 6:47 p.m. • 13 views

CVE-2025-46313

CVE-2025-46313 describes a logging issue in macOS Tahoe 26.1 where sensitive user data could be exposed due to insufficient data redaction. Affected product: macOS Tahoe (specific version prior to 26.1). Root cause: inadequate redaction in log/data handling within the system components. Impact: a...

CVSS 5.5 • AI score 5.4 • EPSS 0.0013
Exploits 0 • References 1 • Affected Software 1

CVE
• added 2026/06/11 6:47 p.m. • 11 views

CVE-2025-43278

CVE-2025-43278 affects macOS Sequoia prior to 15.4; the issue arises from improper handling of symlinks and is addressed in macOS Sequoia 15.4. The description notes that an app may be able to access protected user data due to this flaw. According to the connected sources, the vulnerability is mi...

CVSS 5.5 • AI score 5.4 • EPSS 0.00151
Exploits 0 • References 1 • Affected Software 1

CVE
• added 2026/06/11 6:47 p.m. • 13 views

CVE-2025-46308

CVE-2025-46308: An authorization issue related to state management could allow an app to leak sensitive user information. Affected: iOS prior to 18.4, iPadOS prior to 18.4, and macOS Sequoia prior to 15.4. Fixed in iOS 18.4, iPadOS 18.4, and macOS Sequoia 15.4. Mitigation: update to the fixed ver...

CVSS 5.3 • AI score 5.5 • EPSS 0.0023
Exploits 0 • References 2 • Affected Software 3

CVE
• added 2026/06/11 6:46 p.m. • 11 views

CVE-2026-47174

Technical details such as affected components, versions, exploit paths, and fixes are not provided in the supplied documents; monitor for updates.

CVSS 9.5 • AI score 5.3 • EPSS 0.00312
Exploits 0 • References 1

CVE
• added 2026/06/11 6:40 p.m. • 24 views

CVE-2026-45177

CVE-2026-45177 affects Idira Secrets Manager SaaS Edge prior to 1.8. The issue is improper access control in internal authentication components, enabling a remote, unauthenticated attacker to submit a crafted request that could bypass identity verification and lead to unauthorized acquisition of ...

CVSS 9.1 • AI score 5.5 • EPSS 0.00503
Exploits 0 • References 1 • Affected Software 1

CVE
• added 2026/06/11 6:38 p.m. • 14 views

CVE-2026-47170

Garlic-Hub is affected by a CVE-2026-47170 SSRF in the uploadFromUrl endpoint. Prior to version 1.1, authenticated users could cause the server to issue arbitrary HTTP requests to internal services, enabling internal port scanning, service fingerprinting, and retrieval of internal HTTP responses...

CVSS 7.7 • AI score 5.5 • EPSS 0.00209
Exploits 0 • References 2

CVE
• added 2026/06/11 6:35 p.m. • 15 views

CVE-2026-47250

CVE-2026-47250 concerns mcp-server-kubernetes, where the kubectl_generic tool exposes a flag-injection vulnerability due to passing user-supplied flags directly to kubectl without an allowlist. This can enable a privilege-escalation path in Kubernetes environments: an attacker with limited access...

CVSS 6.1 • AI score 5.3 • EPSS 0.00267
Exploits 0 • References 2

CVE
• added 2026/06/11 6:34 p.m. • 34 views

CVE-2026-46519

CVE-2026-46519 affects mcp-server-kubernetes (Model Context Protocol server) prior to version 3.6.0. The issue stems from access controls implemented via three environment variables (ALLOW_ONLY_READONLY_TOOLS, ALLOW_ONLY_NON_DESTRUCTIVE_TOOLS, ALLOWED_TOOLS) being enforced only at the tool discov...

CVSS 8.8 • AI score 5.6 • EPSS 0.00376
Exploits 0 • References 2

CVE
• added 2026/06/11 6:33 p.m. • 31 views

CVE-2026-52860

Vim before version 9.2.0597 is affected by a Python omni-completion vulnerability: reconstructed function and class definitions from the current buffer are executed via exec(), allowing attacker-controlled Python expressions to run during completion. This can impact confidentiality, integrity, an...

CVSS 7.8 • AI score 5.8 • EPSS 0.00225
Exploits 0 • References 4 • Affected Software 1

CVE
• added 2026/06/11 6:33 p.m. • 11 views

CVE-2026-48547

KanaDojo exposes a command injection in its release workflow. The vulnerability stems from patchNotesData.json fields version/changes being unsafely interpolated into a child_process.execSync() call within release.yml, allowing a PR with shell metacharacters to execute arbitrary commands. If a ma...

CVSS 8.5 • AI score 6 • EPSS 0.0091
Exploits 0 • References 2

CVE
• added 2026/06/11 6:33 p.m. • 16 views

CVE-2026-52859

CVE-2026-52859: Vim contains an out-of-bounds read in update_snapshot() (src/terminal.c) when taking a terminal snapshot. For cells that fill all 6 slots, libvterm can omit a terminating NUL, causing the loop to read past the six-element chars[] and append extra data to the scrollback buffer. Af...

CVSS 8.2 • AI score 5.7 • EPSS 0.00303
Exploits 0 • References 3 • Affected Software 1

CVE
• added 2026/06/11 6:32 p.m. • 22 views

CVE-2026-52858

Vim before 9.2.0561 is vulnerable via Python omni-completion (python3complete.vim for +python3, and legacy pythoncomplete.vim for +python) where the current buffer’s sys.path allows importing and executing a sibling package’s top-level code when opening a hostile .py file. Root cause: omni-comple...

CVSS 7.8 • AI score 5.7 • EPSS 0.00201
Exploits 0 • References 3 • Affected Software 1

CVE
• added 2026/06/11 6:32 p.m. • 30 views

CVE-2026-47162

Vim (with the netrw plugin) is affected by CVE-2026-47162 due to a Vimscript code injection in s:NetrwBookHistSave() when serializing directory paths to the history file ~/.vim/.netrwhist. A directory name from the filesystem can be interpolated into a single-quoted Vimscript string literal witho...

CVSS 8.8 • AI score 5.9 • EPSS 0.00269
Exploits 0 • References 3 • Affected Software 1

CVE
• added 2026/06/11 6:31 p.m. • 80 views

CVE-2026-47167

Vim has a code injection vulnerability in the cucumber filetype plugin (runtime/ftplugin/cucumber.vim) affecting builds with +ruby support prior to version 9.2.0496. A crafted step-definition regex pulled from .rb files under features// or stories/ / directories is embedded into a Ruby Kernel.eva...

CVSS 5.3 • AI score 5.9 • EPSS 0.00135
Exploits 0 • References 3 • Affected Software 1

CVE
• added 2026/06/11 6:31 p.m. • 9 views

CVE-2026-47189

CVE-2026-47189 — Quest Bot AutoMod removal: The issue affects Quest Bot (Discord bot) prior to version 1.0.5, where the AutoMod remove flow looks up and deletes rules by a global database ID without verifying that the rule belongs to the guild where the command runs. An attacker can learn a vict...

CVSS 8.3 • AI score 5.5 • EPSS 0.00307
Exploits 0 • References 2

CVE
• added 2026/06/11 6:30 p.m. • 10 views

CVE-2026-47188

Quest Bot is an open‑source Discord bot for moderation. CVE-2026-47188 describes a vulnerability in versions prior to 1.0.5 where the /unban and /unwarn commands echo user-provided reason text in public bot messages without respecting allowedMentions, enabling mass pings via @everyone or @here. I...

CVSS 2.3 • AI score 5.3 • EPSS 0.00235
Exploits 0 • References 2

Total number of security vulnerabilities: 366232