Lucene search
K
GithubRecent

33227 matches found

Github Security Blog
Github Security Blog
added 2026/03/04 7:28 p.m.7 views

OpenClaw Vulnerable to Local File Exfiltration via MCP Tool Result MEDIA: Directive Injection

Summary A malicious or compromised MCP Model Context Protocol tool server can exfiltrate arbitrary local files from the host system by injecting MEDIA: directives into tool result text content. OpenClaw's tool result processing pipeline extracts file paths from MEDIA: tokens without source-level...

6.1AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/04 7:21 p.m.8 views

OpenClaw: Hardlink alias checks could bypass workspace-only file boundaries in specific configurations

Summary In certain workspace-restricted configurations, OpenClaw could follow hardlink aliases inside the workspace that reference files outside the workspace boundary. By default, tools.fs.workspaceOnly is off. This primarily affects deployments that intentionally enable workspace-only filesyste...

5.9AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/04 7:17 p.m.6 views

OpenClaw Canvas Authentication Bypass Vulnerability

ZDI-CAN-29311: OpenClaw Canvas Authentication Bypass Vulnerability -- ABSTRACT ------------------------------------- Trend Micro's Zero Day Initiative has identified a vulnerability affecting the following products: OpenClaw - OpenClaw -- VULNERABILITY DETAILS ------------------------ Version...

6AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/04 7:13 p.m.14 views

OpenClaw's image tool bypasses tools.fs.workspaceOnly on sandbox mount paths and exfiltrates out-of-workspace images

Summary In OpenClaw, the sandboxed image tool did not honor tools.fs.workspaceOnly=true for mounted paths resolved by the sandbox FS bridge. This allowed reading out-of-workspace mounted images for example /agent/ and forwarding those bytes to vision model providers. Impact Sandbox boundary bypas...

6.5CVSS5.9AI score0.00315EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/04 7:3 p.m.10 views

OpenClaw has incomplete IPv4 special-use SSRF blocking in web fetch guard

Summary isPrivateIpv4 in bundled SSRF guard code missed several IPv4 special-use/non-global ranges, so webfetch could allow targets that should be blocked by SSRF policy. Affected Packages / Versions - Package: openclaw npm - Latest published affected version: 2026.2.21-2 published 2026-02-21 -...

7.4CVSS6AI score0.00206EPSS
Exploits0References8Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/04 7:2 p.m.8 views

OpenClaw has agent avatar symlink traversal in gateway session metadata

Summary A crafted local avatar path could follow a symlink outside the agent workspace and return arbitrary file contents as a base64 data: URL in gateway responses. Impact - Confidentiality impact: local file read in the gateway process context. - Exfiltration path: agents.list can return the...

6AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/04 6:58 p.m.12 views

OpenClaw's elevated allowFrom accepted broader identity signals than specified within sender-scoped authorization

Summary In certain elevated-mode configurations, tools.elevated.allowFrom accepted broader identity signals than intended. The fix tightens matching to sender-scoped identity by default and makes mutable metadata matching explicit. Context OpenClaw is commonly used in 1:1 chats or trusted group...

5.9AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/04 6:56 p.m.8 views

OpenClaw has cross-account DM pairing authorization bypass via unscoped pairing store access

Summary OpenClaw had account-scope gaps in pairing-store access for DM pairing policy, which could let a pairing approval from one account authorize the same sender on another account in multi-account setups. Impact This is an authorization-boundary weakness in multi-account channel deployments. ...

8.1CVSS6AI score0.00165EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/04 6:55 p.m.8 views

OpenClaw has SSRF guard bypass via IPv6 transition over ISATAP

Summary OpenClaw's SSRF hostname/IP guard did not detect ISATAP embedded IPv4 addresses ...:5efe:w.x.y.z. A crafted URL containing an ISATAP IPv6 literal could embed a private IPv4 target for example loopback and bypass private-address filtering in URL-fetching paths. Severity Assessment Rated...

6AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/04 6:55 p.m.6 views

OpenClaw: Slack interactive callbacks could skip configured sender checks in some shared-workspace flows

Impact In shared Slack workspace deployments that rely on sender restrictions allowFrom, DM policy, or channel user allowlists, some interactive callbacks blockaction, viewsubmission, viewclosed could be accepted before full sender authorization checks. In that scenario, an unauthorized workspace...

8.1CVSS6AI score0.00283EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/04 6:49 p.m.10 views

CKEditor 5 has Cross-site Scripting (XSS) in the HTML Support package

Impact A Cross-Site Scripting XSS vulnerability has been discovered in the General HTML Support feature. This vulnerability could be triggered by inserting specially crafted markup, leading to unauthorized JavaScript code execution, if the editor instance used an unsafe General HTML Support...

6.4CVSS6AI score0.00268EPSS
Exploits0References5Affected Software2
Github Security Blog
Github Security Blog
added 2026/03/04 6:29 p.m.4 views

Traefik: tcp router clears read deadlines before tls forwarding, enabling stalled handshakes (Slowloris DOS)

Impact There is a potential vulnerability in Traefik managing TLS handshake on TCP routers. When Traefik processes a TLS connection on a TCP router, the read deadline used to bound protocol sniffing is cleared before the TLS handshake is completed. When a TLS handshake read error occurs, the code...

7.5CVSS6.2AI score0.00539EPSS
Exploits0References5Affected Software2
Github Security Blog
Github Security Blog
added 2026/03/04 6:23 p.m.9 views

Traefik has unbounded io.ReadAll on auth server response body that causes OOM DOS

Impact There is a potential vulnerability in Traefik managing the ForwardAuth middleware responses. When Traefik is configured to use the ForwardAuth middleware, the response body from the authentication server is read entirely into memory without any size limit. There is no maxResponseBodySize...

4.4CVSS6.2AI score0.00451EPSS
Exploits0References5Affected Software2
Github Security Blog
Github Security Blog
added 2026/03/04 6:18 p.m.7 views

Dark Reader gives users the ability to request style sheets from local web servers

Description Dark Reader versions prior to 4.9.117 included a behavior where a website could request a style sheet from a locally running web server, for example http://localhost:8080/style.css, If an address was available and returned a text/css content type. Patches The problem was fixed in...

3.4CVSS5.9AI score0.00108EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/04 6:16 p.m.10 views

XWiki Blog Application home page vulnerable to Stored XSS via Post Title

Impact The Blog Application is vulnerable to Stored Cross-Site Scripting XSS via the Blog Post Title. The vulnerability arises because the post title is injected directly into the HTML tag without proper escaping. An attacker with permissions to create or edit blog posts can inject malicious...

9CVSS5.8AI score0.00353EPSS
Exploits3References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/04 9:31 a.m.9 views

Apache ActiveMQ is Vulnerable to Integer Overflow or Wraparound

Apache ActiveMQ does not properly validate the remaining length field which may lead to an overflow during the decoding of malformed packets. When this integer overflow occurs, ActiveMQ may incorrectly compute the total Remaining Length and subsequently misinterpret the payload as multiple MQTT...

8.8CVSS6AI score0.0078EPSS
Exploits0References6Affected Software3
Github Security Blog
Github Security Blog
added 2026/03/04 9:31 a.m.7 views

Apache Artemis and Apache ActiveMQ Artemis are Missing Authentication for Critical Functions

Missing Authentication for Critical Function CWE-306 vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This cou...

9.8CVSS6AI score0.10629EPSS
Exploits1References6Affected Software2
Github Security Blog
Github Security Blog
added 2026/03/04 3:31 a.m.4 views

Concrete CMS has a stored Cross-site Scripting (XSS) vulnerability

In Concrete CMS below version 9.4.8, a rogue administrator can add stored XSS via the Switch Language block. The Concrete CMS security team gave thanks M3dium for reporting...

4.8CVSS5.9AI score0.00199EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/04 3:31 a.m.8 views

Concrete CMS has a stored Cross-site Scripting (XSS) vulnerability

In Concrete CMS below version 9.4.8, A stored Cross-site Scripting XSS vulnerability exists in the search block where page names and content are rendered without proper HTML encoding in search results. This allows authenticated, rogue administrators to inject malicious JavaScript through page nam...

4.8CVSS5.9AI score0.00195EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/04 3:31 a.m.9 views

Concrete CMS vulnerable to Remote Code Execution by stored PHP object injection

Concrete CMS below version 9.4.8 is vulnerable to Remote Code Execution by stored PHP object injection into the Express Entry List block via the columns parameter. An authenticated administrator can store attacker-controlled serialized data in block configuration fields that are later passed to...

8.9CVSS6AI score0.00605EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/04 3:31 a.m.7 views

Concrete CMS has a stored Cross-site Scripting (XSS) vulnerability

In Concrete CMS below version 9.4.8, a Cross-site Scripting XSS vulnerability exists in the "Legacy Form" block. An authenticated user with permissions to create or edit forms e.g., a rogue administrator can inject a persistent JavaScript payload into the options of a multiple-choice question...

4.8CVSS5.9AI score0.00208EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/04 3:31 a.m.9 views

Concrete CMS has a stored Cross-site Scripting (XSS) vulnerability

In Concrete CMS below version 9.4.8, a user with permission to edit a page with element Legacy form can perform a stored XSS attack towards high-privilege accounts via the Question field. The Concrete CMS security team thanks minhnn42, namdi and quanlna2 from VCSLab-Viettel Cyber Security for...

4.8CVSS5.9AI score0.00212EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/04 3:31 a.m.5 views

Concrete CMS vulnerable to Cross-Site Request Forgery (CSRF)

Concrete CMS below version 9.4.8 is subject to CSRF by a Rogue Administrator using the Anti-Spam Allowlist Group Configuration via groupid parameter which can leads to a security bypass since changes are saved prior to checking the CSRF token. The Concrete CMS security team thanks z3rco for...

6.8CVSS5.9AI score0.00208EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 11:32 p.m.9 views

OpenClaw's serialize sandbox registry writes to prevent races and delete-rollback corruption

Impact Concurrent updateRegistry/removeRegistryEntry operations for sandbox containers and browsers could lose updates or resurrect removed entries under race conditions. The registry writes were read-modify-write in a window with no locking and permissive fallback parsing, so concurrent registry...

4.8CVSS5.9AI score0.00134EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 11:32 p.m.21 views

OpenClaw's Node role device-identity bypass allows unauthorized node.event injection

Summary A client authenticated with a shared gateway token could connect as role=node without device identity/pairing, then call node.event to trigger agent.request and voice.transcript flows. Affected Packages / Versions - Package: npm openclaw - Affected versions: = 2026.2.21-2 - Patched versio...

5.4CVSS6.1AI score0.00268EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 11:19 p.m.17 views

OpenClaw's commands.allowFrom sender authorization accepted conversation identifiers via ctx.From

Summary commands.allowFrom is documented as a sender authorization allowlist for commands/directives, but command authorization could include ctx.From conversation identity as a sender candidate. When commands.allowFrom contained conversation-like identifiers for example Discord channel: or...

5.9AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 11:19 p.m.12 views

OpenClaw has Windows Lobster shell fallback command injection in constrained fallback path

Summary On Windows, the Lobster extension previously retried certain spawn failures ENOENT/EINVAL with shell: true for wrapper compatibility. In that fallback path, tool-provided arguments could be interpreted by cmd.exe if fallback was triggered. Affected Packages / Versions - Package: openclaw...

7CVSS6.1AI score0.00525EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 11:18 p.m.9 views

OpenClaw's Zalo group sender allowlist bypass permits unauthorized GROUP dispatch

A missing group-sender authorization check in the Zalo plugin allowed unauthorized GROUP messages to enter agent dispatch paths in configurations intended to restrict group traffic. Impact When Zalo group handling was configured with allowlist-style controls, a sender not present in the intended...

5.9AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 11:17 p.m.9 views

OpenClaw has Canvas route hardening for mixed-trust deployments

Summary This advisory tracks a defense-in-depth hardening for canvas routes. In mixed-trust or network-visible deployments, prior canvas auth/fallback behavior could broaden access beyond intended boundaries. Deployment Context OpenClaw’s default model is trusted host + loopback-first access. Som...

5.9AI score
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 11:13 p.m.15 views

OpenClaw's exec allowlist wrapper analysis did not unwrap env/shell dispatch chains

Summary system.run exec allowlist analysis treated wrapper binaries as the effective executable and did not fully unwrap env/shell-dispatch wrappers. This allowed wrapper-smuggled payloads for example env bash -lc ... to satisfy an allowlist entry for the wrapper while executing non-allowlisted...

8.8CVSS6.1AI score0.00419EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 11:12 p.m.11 views

OpenClaw's typed sender-key matching for toolsBySender prevents identity-collision policy bypass

Summary channels..groups..toolsBySender could match a privileged sender policy using a colliding mutable identity value for example senderName or senderUsername when deployments used untyped keys. The fix introduces explicit typed sender keys id:, e164:, username:, name:, keeps legacy untyped key...

6.5CVSS5.9AI score0.0019EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 11:11 p.m.9 views

OpenClaw's Signal reaction-only status events could, in limited cases, be enqueued before access checks

Summary In a narrow Signal reaction-notification path, reaction-only inbound events could enqueue a status event before sender access checks were applied. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.2.24 latest published at patch time - Fixed: 2026.2.25 Details In the...

6.3CVSS5.9AI score0.0021EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 11:10 p.m.7 views

OpenClaw's sandbox bind validation could bypass allowed-root and blocked-path checks via symlink-parent missing-leaf paths

Summary In openclaw up to and including 2026.2.23 latest npm release as of February 24, 2026, sandbox bind-source validation could be bypassed when a bind source used a symlinked parent plus a non-existent leaf path. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.2.24...

7.5CVSS5.9AI score0.00254EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 11:9 p.m.8 views

OpenClaw: Zip extraction symlink traversal could write outside destination

Summary A path confinement bypass in OpenClaw ZIP extraction allowed writes outside the intended destination when a pre-existing symlink was present under the extraction root. Affected Packages / Versions - Package: openclaw npm - Latest published npm version at triage time: 2026.2.21-2 - Affecte...

5.9AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 11:8 p.m.10 views

OpenClaw's Nextcloud Talk webhook replay could trigger duplicate inbound processing

Summary When Nextcloud Talk webhook signing was valid, replayed requests could be accepted without durable replay suppression, allowing duplicate inbound processing after replay-window expiry or process restart. Details OpenClaw's Nextcloud Talk webhook path verified HMACsecret, random + body but...

6.5CVSS5.9AI score0.00267EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 11:5 p.m.14 views

OpenClaw's tools.exec.safeBins generic fallback allowed interpreter-style inline payload execution in allowlist mode

Summary When tools.exec.safeBins contained a binary without an explicit safe-bin profile, OpenClaw used a permissive generic fallback profile. In allowlist mode, that could let interpreter-style binaries for example python3, node, ruby execute inline payloads via flags like -c. This requires...

6AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 11:3 p.m.33 views

OpenClaw's Synology Chat dmPolicy=allowlist failed open on empty allowedUserIds, allowing unauthorized agent dispatch

Summary In openclaw versions 2026.2.22 and 2026.2.23, the optional synology-chat channel plugin had an authorization fail-open condition: when dmPolicy was allowlist and allowedUserIds was empty/unset, unauthorized senders were still allowed through to agent dispatch. This is assessed as medium...

9.8CVSS6AI score0.00321EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 11:1 p.m.17 views

OpenClaw reuses the gateway auth token in the owner ID prompt hashing fallback

Vulnerability OpenClaw reused gateway.auth.token and gateway.remote.token as a fallback hash secret for owner-ID prompt obfuscation when commands.ownerDisplay=hash and commands.ownerDisplaySecret was unset. This created secret dual-use between gateway authentication and prompt metadata hashing...

6.3CVSS5.9AI score0.00262EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 11:0 p.m.6 views

OpenClaw hook transform path containment missed symlink-resolved escapes

Vulnerability Webhook transform modules were validated with lexical path checks only. A symlink under the allowed hooks transform tree could resolve outside the intended directory and be dynamically imported. Affected Packages / Versions - Package: openclaw npm - Affected versions: = 2026.2.21-2 ...

6AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 10:59 p.m.14 views

In OpenClaw, manually adding sort to tools.exec.safeBins could bypass allowlist approval via --compress-program

Summary This issue applies to a non-default configuration only. If sort is manually added to tools.exec.safeBins, OpenClaw could treat sort --compress-program= as valid safe-bin usage. In security=allowlist + ask=on-miss, this could satisfy allowlist checks and skip operator approval, while GNU...

8.8CVSS5.9AI score0.00286EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 10:54 p.m.10 views

OpenClaw has a BlueBubbles group allowlist mismatch via DM pairing-store fallback

Summary In [email protected], BlueBubbles group authorization could incorrectly treat DM pairing-store identities as group allowlist identities when dmPolicy=pairing and groupPolicy=allowlist. A sender that was only DM-paired not explicitly present in groupAllowFrom could pass group sender check...

4.3CVSS5.9AI score0.00295EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 10:25 p.m.12 views

OpenClaw's voice-call Twilio replay dedupe now bound to authenticated webhook identity

Summary The voice-call Twilio webhook path accepted replay/dedupe identity from unsigned request metadata i-twilio-idempotency-token, enabling replayed signed requests to bypass replay detection and manager dedupe by mutating only that header. Affected Packages / Versions - Package: openclaw npm ...

6AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 10:25 p.m.12 views

OpenClaw has multiple E2E/test Dockerfiles that run all processes as root

Three Dockerfiles in scripts/docker/ and scripts/e2e/ lack a USER directive, meaning all processes run as uid 0 root. If any process is compromised, the attacker has root inside the container, making container breakout significantly easier. Partial fix 2026-02-08: Commit 28e1a65e added USER sandb...

6AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 10:23 p.m.8 views

OpenClaw has exec allowlist/safeBins policy-runtime mismatch via env -S wrapper interpretation

Summary tools.exec allowlist/safe-bins evaluation could diverge from runtime execution for wrapper commands using GNU env -S/--split-string semantics. This allowed policy checks to treat a command as a benign safe-bin invocation while runtime executed a different payload. Affected Packages /...

6.2AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 10:21 p.m.7 views

OpenClaw: Microsoft Teams media fetch paths bypass shared SSRF guard model

Impact Microsoft Teams media handling used mixed fetch paths for Graph metadata/content and attachment auth-retry flows. Some paths bypassed the shared SSRF guard model and created inconsistent host/DNS enforcement across redirect/fetch hops. Affected Packages / Versions - Package: openclaw npm -...

6AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 10:18 p.m.9 views

OpenClaw's browser-origin WebSocket auth hardening gap could enable loopback password brute-force chains

This issue is a browser-origin WebSocket auth chain on local loopback deployments using password auth. It is serious, but conditional: an attacker must get the user to open a malicious page and then successfully guess the gateway password. Context and Preconditions OpenClaw’s web/gateway surface ...

7.5CVSS6AI score0.00294EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 10:17 p.m.4 views

OpenClaw improperly parses X-Forwarded-For behind trusted proxies allows client IP spoofing in security decisions

Summary OpenClaw used left-most X-Forwarded-For values when requests came from configured trusted proxies. In proxy chains that append/preserve header values, this could let attacker-controlled header content influence security decisions tied to client IP. Affected Packages / Versions - Package:...

6.3CVSS5.9AI score0.00189EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 10:13 p.m.13 views

OpenClaw's non-default autoAllowSkills setting could bypass on-miss exec prompt

Summary In openclaw versions up to and including 2026.2.22-2, a non-default exec-approval configuration could allow a skill-name collision to bypass an ask=on-miss prompt. When autoAllowSkills=true, a path-scoped executable such as ./skill-bin could resolve to basename skill-bin, satisfy the skil...

6AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 10:12 p.m.14 views

OpenClaw's shell startup env injection bypasses system.run allowlist intent (RCE class)

Summary system.run environment sanitization allowed shell-startup env overrides HOME, ZDOTDIR that can execute attacker-controlled startup files before allowlist-evaluated command bodies. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.2.22 Technical Details In affected...

9.8CVSS6.1AI score0.00559EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/03 10:12 p.m.28 views

OpenClaw's runtime /debug override path accepted prototype-reserved keys

Summary OpenClaw accepted prototype-reserved keys in runtime /debug set override object values proto, constructor, prototype. Impact /debug is disabled by default, and exploitation requires an already authorized /debug set caller. No unauthenticated vector was identified. This issue affects runti...

4.3CVSS5.9AI score0.00237EPSS
Exploits0References5Affected Software1
Total number of security vulnerabilities33227