Lucene search
K
GithubRecent

33187 matches found

Github Security Blog
Github Security Blog
added 2026/04/10 3:33 p.m.7 views

Helm's plugin verification fails open when .prov is missing, allowing unsigned plugin install

Helm is a package manager for Charts for Kubernetes. In Helm versions =4.0.0 and =4.1.3, Helm will install plugins missing provenance .prov file when signature verification is required. Impact The bug allows plugin authors to omit provenance signing data from plugins, bypassing plugin signature...

8.4CVSS6.1AI score0.00178EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 3:32 p.m.8 views

Helm has a path traversal in plugin metadata version enables arbitrary file write outside Helm plugin directory

Helm is a package manager for Charts for Kubernetes. In Helm versions =4.0.0 and =4.1.3, a specially crafted Helm plugin, when installed or updated, will cause Helm to write the contents of the plugin to an arbitrary filesystem location. Impact A Helm user who installs or updates a plugin that is...

8.6CVSS5.9AI score0.00158EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 3:32 p.m.8 views

Wasmtime has improperly masked return value from `table.grow` with Winch compiler backend

Impact Wasmtime's Winch compiler backend contains a bug where translating the table.grow operator causes the result to be incorrectly typed. For 32-bit tables this means that the result of the operator, internally in Winch, is tagged as a 64-bit value instead of a 32-bit value. This invalid...

7.5CVSS5.7AI score0.00214EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 3:31 p.m.10 views

Duplicate Advisory: LiteLLM has a sandbox escape in custom-code guardrail

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-wxxx-gvqv-xp7p. This link is maintained to preserve external references. Original Description LiteLLM through 2026-04-08 allows remote attackers to execute arbitrary code via bytecode rewriting at the...

8.8CVSS6.2AI score0.06496EPSS
Exploits2References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 3:31 p.m.14 views

Wasmtime with Winch compiler backend on aarch64 may allow a sandbox-escaping memory access

Impact Wasmtime with its Winch baseline non-default compiler backend may allow properly constructed guest Wasm to access host memory outside of its linear-memory sandbox. This vulnerability requires use of the Winch compiler -Ccompiler=winch. By default, Wasmtime uses its Cranelift backend, not...

9.9CVSS5.8AI score0.00278EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 3:31 p.m.12 views

Vikunja: Link Share JWT tokens remain valid for 72 hours after share deletion or permission downgrade

Title Link Share JWT tokens remain valid for 72 hours after share deletion or permission downgrade Description Vikunja's link share authentication constructs authorization objects entirely from JWT claims without any server-side database validation. When a project owner deletes a link share or...

6.5CVSS5.8AI score0.00268EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 3:30 p.m.5 views

Vikunja has TOTP Two-Factor Authentication Bypass via OIDC Login Path

Summary The OIDC callback handler issues a full JWT token without checking whether the matched user has TOTP two-factor authentication enabled. When a local user with TOTP enrolled is matched via the OIDC email fallback mechanism, the second factor is completely skipped. Details The OIDC callback...

9.1CVSS5.9AI score0.00281EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 12:31 p.m.7 views

Apache ActiveMQ: Denial of Service via Out of Memory vulnerability

Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ. ActiveMQ NIO SSL transports do not correctly handle TLSv1.3 handshake KeyUpdates triggered by clients. This makes it possible for a client to rapidly trigger updates which causes...

7.5CVSS5.8AI score0.00896EPSS
Exploits0References4Affected Software4
Github Security Blog
Github Security Blog
added 2026/04/10 9:31 a.m.11 views

parisneo/lollms vulnerable to stored XSS in the social feature

A Stored Cross-Site Scripting XSS vulnerability was identified in the social feature of parisneo/lollms, affecting the latest version prior to 2.2.0. The vulnerability exists in the createpost function within backend/routers/social/init.py, where user-provided content is directly assigned to the...

9.6CVSS5.8AI score0.00405EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 9:31 a.m.6 views

Spring Cloud Gateway's SSL bundle configuration silently bypassed

When configuring SSL bundles in Spring Cloud Gateway by using the configuration property spring.ssl.bundle, the configuration was silently ignored and the default SSL configuration was used instead. Note: The 4.2.x branch is no longer under open source support. If you are using Spring Cloud...

7.5CVSS5.8AI score0.00217EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 6:31 a.m.9 views

OpenClaw vulnerable to SSRF in src/agents/tools/web-fetch.ts

A weakness has been identified in OpenClaw up to 2026.1.26. Affected by this issue is some unknown functionality of the file src/agents/tools/web-fetch.ts of the component assertPublicHostname Handler. Executing a manipulation can lead to server-side request forgery. The attack can be executed...

8.1CVSS5.2AI score0.0042EPSS
Exploits1References9Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 3:31 a.m.9 views

OpenStack Keystone: Restricted application credentials can create EC2 credentials

An issue was discovered in OpenStack Keystone 14 through 26 before 26.1.1, 27.0.0, 28.0.0, and 29.0.0. Restricted application credentials can create EC2 credentials. By using a restricted application credential to call the EC2 credential creation API, an authenticated user with only a reader role...

5.3CVSS5.9AI score0.0022EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 12:30 a.m.4 views

Zod jsVideoUrlParser vulnerable to ReDoS in util.js

A weakness has been identified in Zod jsVideoUrlParser up to 0.5.1. The impacted element is the function getTime in the library lib/util.js. This manipulation of the argument timestamp causes inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit ha...

6.9CVSS5.7AI score0.00372EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 12:30 a.m.24 views

Duplicate Advisory: OpenClaw: Feishu webhook reads and parses unauthenticated request bodies before signature validation

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-3h52-cx59-c456. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.25 parses JSON request bodies before validating webhook signatures, allowing unauthenticated...

7.5CVSS5.8AI score0.00436EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 12:30 a.m.9 views

Duplicate Advisory: OpenClaw: Symlink Traversal via IDENTITY.md appendFile in agents.create/update (Incomplete Fix for CVE-2026-32013)

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-7xr2-q9vf-x4r5. This link is maintained to preserve external references. Original Description OpenClaw through 2026.2.22 contains a symlink traversal vulnerability in agents.create and agents.update handlers tha...

8.8CVSS6.5AI score0.00639EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 12:30 a.m.8 views

Duplicate Advisory: OpenClaw: Synology Chat Webhook Pre-Auth Rate-Limit Bypass Enables Brute-Force Guessing of Webhook Token

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-mf5g-6r6f-ghhm. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.25 contains a pre-authentication rate-limit bypass vulnerability in webhook token validation...

6.5CVSS5.7AI score0.00244EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 12:30 a.m.6 views

Duplicate Advisory: OpenClaw is vulnerable to unauthenticated resource exhaustion through its voice call webhook handling

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-rm59-992w-x2mv. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.22 contains an unauthenticated resource exhaustion vulnerability in voice call webhook handlin...

6.9CVSS5.7AI score0.00494EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 12:30 a.m.6 views

Duplicate Advisory: OpenClaw: Telegram Webhook Missing Guess Rate Limiting Enables Brute-Force Guessing of Weak Webhook Secret

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-vcx4-4qxg-mfp4. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.25 contains a missing rate limiting vulnerability in Telegram webhook authentication that allo...

6.5CVSS5.7AI score0.00287EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 12:30 a.m.6 views

Duplicate Advisory: OpenClaw: Tlon cite expansion happens before channel and DM authorization is complete

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-vfg3-pqpq-93m4. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.22 performs cite expansion before completing channel and DM authorization checks, allowing cit...

7.3CVSS5.7AI score0.00247EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 12:30 a.m.12 views

Duplicate Advisory: OpenClaw: Gateway Plugin Subagent Fallback `deleteSession` Uses Synthetic `operator.admin`

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-h4jx-hjr3-fhgc. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.25 contains a privilege escalation vulnerability in the gateway plugin subagent fallback...

8.8CVSS5.8AI score0.0028EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 12:30 a.m.6 views

Duplicate Advisory: OpenClaw: Nostr inbound DMs could trigger unauthenticated crypto work before sender policy enforcement

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-65h8-27jh-q8wv. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.22 performs cryptographic and dispatch operations on inbound Nostr direct messages before...

8.2CVSS5.7AI score0.00454EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 12:30 a.m.6 views

Duplicate Advisory: OpenClaw: Gateway Canvas local-direct requests bypass Canvas HTTP and WebSocket authentication

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-6mqc-jqh6-x8fc. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.23 contains an authentication bypass vulnerability in the Canvas gateway where...

5.1CVSS5.7AI score0.00141EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 12:30 a.m.5 views

Duplicate Advisory: OpenClaw: Remote media error responses could trigger unbounded memory allocation before failure

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-4qwc-c7g9-4xcw. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.22 contains an unbounded memory allocation vulnerability in remote media HTTP error handling...

6.9CVSS5.8AI score0.0036EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 12:30 a.m.6 views

Duplicate Advisory: OpenClaw Gateway: RCE and Privilege Escalation from operator.pairing to operator.admin via device.pair.approve

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-hf68-49fm-59cq. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the device.pair.approve method that allows...

8.8CVSS6.3AI score0.00458EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 12:30 a.m.6 views

Duplicate Advisory: OpenClaw: SSRF via Unguarded Configured Base URLs in Multiple Channel Extensions (Incomplete Fix for CVE-2026-28476)

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-rhfg-j8jq-7v2h. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.25 contains a server-side request forgery vulnerability in multiple channel extensions that fa...

5.7AI score
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 12:30 a.m.7 views

Duplicate Advisory: OpenClaw Bypasses DM Policy Separation via Synology Chat Webhook Path Collision

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-rqp8-q22p-5j9q This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.22 contains a webhook path route replacement vulnerability in the Synology Chat extension that...

6.5CVSS5.8AI score0.00245EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 12:30 a.m.6 views

Duplicate Advisory: OpenClaw: Plivo V2 verified replay identity drifts on query-only variants

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-cg6c-q2hx-69h7. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.23 contains a replay identity vulnerability in Plivo V2 signature verification that allows...

8.3CVSS5.8AI score0.00283EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 12:30 a.m.7 views

Duplicate Advisory: OpenClaw: Google Chat app-url webhook auth accepted non-deployment add-on principals

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-mp66-rf4f-mhh8. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.22 contains an improper authentication verification vulnerability in Google Chat app-url webho...

7.1CVSS5.8AI score0.00293EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 12:30 a.m.9 views

Duplicate Advisory: OpenClaw: Google Chat Authz Bypass via Group Policy Rebinding with Mutable Space displayName

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-52q4-3xjc-6778. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Google Chat group policy enforcement that...

5.4CVSS5.7AI score0.00236EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 12:30 a.m.8 views

Duplicate Advisory: OpenClaw: Nextcloud Talk room allowlist matched colliding room names instead of stable room tokens

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-xhq5-45pm-2gjr. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.22 contains a policy confusion vulnerability in room authorization that matches colliding room...

5.4CVSS5.6AI score0.00241EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 12:30 a.m.9 views

Duplicate Advisory: OpenClaw: BlueBubbles Webhook Missing Rate Limiting Enables Brute-Force Password Guessing

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-xq8g-hgh6-87hv. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.25 contains a missing rate limiting vulnerability in webhook authentication that allows...

6.5CVSS5.7AI score0.00361EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/09 9:31 p.m.10 views

FoundationAgents MetaGPT vulnerable to os command injection via the Terminal.run_command

A vulnerability has been found in FoundationAgents MetaGPT up to 0.8.1. This issue affects the function Terminal.runcommand in the library metagpt/tools/libs/terminal.py. The manipulation leads to os command injection. Remote exploitation of the attack is possible. The exploit has been disclosed ...

9.8CVSS6.4AI score0.02328EPSS
Exploits1References8Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/09 9:31 p.m.5 views

FoundationAgents MetaGPT vulnerable to OS Command Injection in metagpt/utils/common.py

A vulnerability was found in FoundationAgents MetaGPT up to 0.8.1. Impacted is the function getmimetype of the file metagpt/utils/common.py. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. The project was...

9.8CVSS6.7AI score0.02283EPSS
Exploits1References8Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/09 9:31 p.m.14 views

Apache Tomcat: CLIENT_CERT authentication does not fail as expected

CLIENTCERT authentication does not fail as expected for some scenarios when soft fail is disabled and FFM is used in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M14 through 11.0.20, from 10.1.22 through 10.1.53, from 9.0.92 through 9.0.116. Users are recommended to upgrade to...

6.5CVSS5.8AI score0.00469EPSS
Exploits0References10Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/09 9:31 p.m.10 views

Apache Tomcat has an Improper Encoding or Escaping of Output vulnerability in the JsonAccessLogValve

Improper Encoding or Escaping of Output vulnerability in the JsonAccessLogValve component of Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.20, from 10.1.0-M1 through 10.1.53, from 9.0.40 through 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 o...

7.5CVSS5.8AI score0.00461EPSS
Exploits0References4Affected Software3
Github Security Blog
Github Security Blog
added 2026/04/09 9:31 p.m.8 views

Apache Tomcat vulnerable to Insertion of Sensitive Information into Log File

Insertion of Sensitive Information into Log File vulnerability in the cloud membership for clustering component of Apache Tomcat exposed the Kubernetes bearer token. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.20, from 10.1.0-M1 through 10.1.53, from 9.0.13 through 9.0.116. User...

7.5CVSS5.8AI score0.00447EPSS
Exploits0References10Affected Software2
Github Security Blog
Github Security Blog
added 2026/04/09 9:31 p.m.6 views

FoundationAgents MetaGPT vulnerable to OS Command Injection in metagpt/tools/libs/terminal.py

A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.1. The affected element is the function Bash.run in the library metagpt/tools/libs/terminal.py. This manipulation causes os command injection. The attack is possible to be carried out remotely. The project was informed of the...

9.8CVSS6.9AI score0.02241EPSS
Exploits1References8Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/09 9:31 p.m.8 views

Apache Tomcat Missing Encryption of Sensitive Data vulnerability

Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146 allowing the bypass of the EncryptInterceptor. This issue affects Apache Tomcat: 11.0.20, 10.1.53, 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 or 9.0.117, which fix the...

7.5CVSS5.8AI score0.15831EPSS
Exploits6References12Affected Software2
Github Security Blog
Github Security Blog
added 2026/04/09 9:31 p.m.11 views

Apache Tomcat has an HTTP Request/Response Smuggling vulnerability

Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Apache Tomcat via invalid chunk extension. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.1.0-M1 through 10.1.52, from 9.0.0.M1 through 9.0.115, from 8.5.0 through 8.5.100,...

7.5CVSS5.8AI score0.00453EPSS
Exploits0References14Affected Software2
Github Security Blog
Github Security Blog
added 2026/04/09 9:31 p.m.10 views

Apache Tomcat: CLIENT_CERT authentication does not fail as expected

CLIENTCERT authentication does not fail as expected for some scenarios when soft fail is disabled vulnerability in Apache Tomcat, Apache Tomcat Native. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.1.0-M7 through 10.1.52, from 9.0.83 through 9.0.115; Apache Tomcat...

9.1CVSS5.8AI score0.00715EPSS
Exploits1References10Affected Software2
Github Security Blog
Github Security Blog
added 2026/04/09 9:31 p.m.9 views

Apache Tomcat has an Improper Input Validation vulnerability

Improper Input Validation vulnerability in Apache Tomcat due to an incomplete fix of CVE-2025-66614. This issue affects Apache Tomcat: from 11.0.15 through 11.0.19, from 10.1.50 through 10.1.52, from 9.0.113 through 9.0.115. Users are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116,...

5.3CVSS7.2AI score0.00307EPSS
Exploits0References10Affected Software3
Github Security Blog
Github Security Blog
added 2026/04/09 9:31 p.m.10 views

Apache Tomcat: Configured cipher preference order not preserved

Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.16 through 11.0.18, from 10.1.51 through 10.1.52, from 9.0.114 through 9.0.115. Users are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116, which fix the issue...

7.5CVSS5.8AI score0.00259EPSS
Exploits0References10Affected Software3
Github Security Blog
Github Security Blog
added 2026/04/09 9:31 p.m.4 views

Apache Tomcat has an Open Redirect vulnerability

Occasional URL redirection to untrusted Site 'Open Redirect' vulnerability in Apache Tomcat via the LoadBalancerDrainingValve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.1.0-M1 through 10.1.52, from 9.0.0.M23 through 9.0.115, from 8.5.30 through 8.5.100. Other,...

6.1CVSS5.8AI score0.00526EPSS
Exploits0References4Affected Software3
Github Security Blog
Github Security Blog
added 2026/04/09 9:31 p.m.6 views

Apache Tomcat: Padding Oracle vulnerability in EncryptInterceptor

Padding Oracle vulnerability in Apache Tomcat's EncryptInterceptor with default configuration. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.0.0-M1 through 10.1.52, from 9.0.13 through 9..115, from 8.5.38 through 8.5.100, from 7.0.100 through 7.0.109. Users are...

7.5CVSS5.8AI score0.03494EPSS
Exploits1References11Affected Software2
Github Security Blog
Github Security Blog
added 2026/04/09 8:28 p.m.9 views

Gramps Web API: Private Sub-Object Data in Non-Private Objects Exposed to Guest Users

Summary Users with the Guest role could receive private sub-object data e.g. private alternate names, private addresses, private note/citation/media handles through list API endpoints such as GET /api/people/, GET /api/places/, GET /api/events/, and all other object list endpoints. This does not...

5.9AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/09 8:28 p.m.7 views

OpenClaw: GIT_DIR and related git plumbing env vars missing from exec env denylist (GHSA-m866-6qv5-p2fg variant)

Impact GITDIR and related git plumbing env vars missing from exec env denylist GHSA-m866-6qv5-p2fg variant. Git plumbing environment variables were not removed before host exec and could redirect Git operations. OpenClaw is a user-controlled local assistant. This advisory is scoped to the OpenCla...

6.1CVSS5.9AI score0.00115EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/09 8:28 p.m.6 views

bsv-sdk ARC broadcaster treats INVALID/MALFORMED/ORPHAN responses as successful broadcasts

ARC broadcaster treats failure statuses as successful broadcasts Summary BSV::Network::ARC's failure detection only recognises REJECTED and DOUBLESPENDATTEMPTED. ARC responses with txStatus values of INVALID, MALFORMED, MINEDINSTALEBLOCK, or any ORPHAN-containing extraInfo / txStatus are silently...

7.5CVSS5.9AI score0.00266EPSS
Exploits0References8Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/09 8:28 p.m.6 views

bsv-sdk and bsv-wallet persist unverified certifier signatures in acquire_certificate (direct and issuance paths)

Unverified certifier signatures persisted by acquirecertificate Affected packages Both bsv-sdk and bsv-wallet are published from the sgbett/bsv-ruby-sdk repository. The vulnerable code lives in lib/bsv/walletinterface/walletclient.rb, which is physically shipped inside both gems the...

8.1CVSS6.1AI score0.00135EPSS
Exploits1References9Affected Software2
Github Security Blog
Github Security Blog
added 2026/04/09 8:28 p.m.14 views

Unhead has a hasDangerousProtocol() bypass via leading-zero padded HTML entities in useHeadSafe()

EVIDENCE | Disclosed to Vercel H1 | 2026-03-22 no response after 12 days | | Cross-reported here | 2026-04-03 | --- Summary useHeadSafe is the composable that Nuxt's own documentation explicitly recommends for rendering user-supplied content in safely. Internally, the hasDangerousProtocol functio...

6.1CVSS7.3AI score0.00285EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/09 8:24 p.m.8 views

Wasmtime has out-of-bounds write or crash when transcoding component model strings

Impact Wasmtime's implementation of transcoding strings between components contains a bug where the return value of a guest component's realloc is not validated before the host attempts to write through the pointer. This enables a guest to cause the host to write arbitrary transcoded string bytes...

6.1CVSS5.9AI score0.00216EPSS
Exploits0References4Affected Software1
Total number of security vulnerabilities33187