Lucene search
+L
PtsecurityRecent

187352 matches found

ptsecurity
ptsecurity
added 3 hours ago6 views

PT-2026-60630

OpenClaw 2026.2.25 before 2026.5.26 allow a lower-trust caller or configured input path to bypass non-browser rate limits on WebSocket authentication attempts. When the affected feature is enabled and reachable by lower-trust input, this can consume gateway resources and reduce service availabili...

6.3CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago3 views

PT-2026-60631

OpenClaw 2026.5.12 before 2026.5.26 contain an incorrect authorization vulnerability in the ClickClack allowFrom feature. When the affected feature is enabled and reachable, a lower-trust caller or configured input path could execute or persist actions beyond the caller's intended authorization,...

5.4CVSS6.2AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago5 views

PT-2026-60632

OpenClaw before 2026.5.22 contain a vulnerability in setup-mode discovery that allows loading of untrusted workspace plugins. Attackers with lower-trust caller access or control over configured input paths can execute or persist actions beyond their intended authorization level...

7.8CVSS6.2AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago3 views

PT-2026-60633

OpenClaw before 2026.5.18 contain an authorization bypass vulnerability in the device-pair approval feature that allows lower-trust callers to execute actions beyond their intended authorization. Attackers can exploit misconfigured input paths to execute or persist unauthorized actions when the...

8.8CVSS6.2AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago5 views

PT-2026-60634

OpenClaw MS Teams before 2026.5.12 contain an authorization bypass vulnerability where the allowFrom feature binds to mutable display names. Attackers with lower-trust access can perform actions requiring stronger authorization by exploiting the mutable display name binding in the affected featur...

5.4CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago5 views

PT-2026-60635

OpenClaw versions before 2026.5.18 contain an authorization bypass vulnerability in skill command dispatch that allows lower-trust callers to execute or persist actions beyond their intended authorization. Attackers can bypass tool policy restrictions through configured input paths to perform...

5.4CVSS6.2AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago3 views

PT-2026-60636

OpenClaw 2026.3.28 before 2026.5.19 contain an authorization bypass vulnerability in the browser act route that fails to properly validate current-tab URL checks. Attackers with lower-trust access or configured input paths can perform actions requiring stronger authorization or policy checks...

8.5CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago4 views

PT-2026-60637

OpenClaw 2026.4.14 before 2026.5.26 contain a server-side request forgery vulnerability in browser snapshot routes that fail to validate post-navigation destinations. Attackers with lower-trust access can bypass OpenClaw policy checks to reach network destinations that should have been blocked...

7.7CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago3 views

PT-2026-60638

OpenClaw before 2026.6.5 contain an authorization bypass vulnerability in node exec approvals that allows lower-trust callers to execute actions beyond their intended authorization by using different gateway and node environments. Attackers can exploit mismatched environment configurations to...

8.8CVSS6.2AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago3 views

PT-2026-60639

OpenClaw before 2026.5.18 contain an authorization bypass vulnerability in exec allowlist glob matching that allows lower-trust callers to execute actions beyond intended authorization. Attackers can craft input paths that traverse the allowlist glob patterns to execute or persist unauthorized...

8.8CVSS6.2AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago3 views

PT-2026-60640

Grav before 2.0.4 ships a default .htaccess and reference webserver-configs/htaccess.txt whose rules blocking access to sensitive file types .yaml, .php, .json, etc. lack the NC flag, making extension matching case-sensitive. On case-insensitive filesystems Windows/NTFS, macOS/HFS+, or Docker...

8.7CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago3 views

PT-2026-60641

The Grav API plugin getgrav/grav-plugin-api before 1.0.6 contains an authorization bypass: API keys can be created with a restricted scopes array, but the ApiKeyAuthenticator class never reads or enforces these scopes. It loads and returns the owning user's full account object, so a key created...

8.6CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago3 views

PT-2026-60642

Grav before 2.0.4 contains a two-factor authentication bypass vulnerability in the login plugin where the regenerate2FASecret task checks only user existence, not authorization, during the pending TOTP challenge window. Attackers who know the victim's password can call this task without a CSRF...

9.1CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago3 views

PT-2026-60643

grav-plugin-api before 1.0.6 fails to validate super-admin status in createApiKey, generate2fa, and disable2fa endpoints, allowing non-super api.users.write managers to escalate to super-admin. Attackers can mint API keys bound to super-admin accounts or strip 2FA from super-admin users to achiev...

8.8CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago4 views

PT-2026-60644

Grav before 2.0.4 fails to restrict cURL protocols in webhook dispatch, allowing authenticated users with api.webhooks.write permission to create webhooks with file://, dict://, or gopher:// URLs. Attackers can trigger webhook events to read local files, access process information, or pivot to...

8.4CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago5 views

PT-2026-60646

grav-plugin-login before 3.8.11 contains a cross-site request forgery CSRF vulnerability in the login.regenerate2FASecret frontend task, which regenerates and persists a new TOTP secret for the authenticated session user without any anti-CSRF nonce or Origin/Referer check. Because Grav core...

5.4CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago6 views

PT-2026-60647

Grav before 2.0.4 contains a regular expression denial of service ReDoS vulnerability in the regex replace filter and function, which are allowlisted in the Twig content sandbox. When Twig processing in page content is enabled security.twig content.process enabled: true, disabled by default, an...

6.5CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago3 views

PT-2026-60648

OpenRemote before 1.26.0 contain an authenticated SQL injection vulnerability in the datapoint crosstab export endpoint that constructs PostgreSQL queries by concatenating asset display names into raw SQL. An authenticated attacker with asset creation or rename permissions can inject SQL through...

7.2CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago3 views

PT-2026-60649

clawvet self-hosted API server apps/api before 0.7.5 hard-codes a fallback JWT secret 'clawvet-dev-secret-change-me' in auth.ts and ships it as the default in .env.example. Because GET /api/v1/scans returns scan records containing userId values without authentication, a remote unauthenticated...

9.3CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago4 views

PT-2026-60650

The Grav API plugin getgrav/grav-plugin-api before 1.0.0-rc.16 accepts JWT access tokens through the ?token= URL query parameter on every API route JwtAuthenticator::extractBearerToken fallback. Because tokens are embedded in URLs, they are logged verbatim in web server access logs, leaked via th...

8.2CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago3 views

PT-2026-60611

Wazuh is a free and open source platform used for threat prevention, detection, and response. In versions 3.0.0 and above, prior to 4.14.5, a size t integer underflow in os crypto/shared/msgs.c:389 allows any enrolled Wazuh agent to crash the wazuh-remoted process on the manager, immediately...

6.5CVSS6.1AI score
Exploits0References1
ptsecurity
ptsecurity
added 3 hours ago9 views

PT-2026-60612

OpenClaw versions before 2026.6.6 contain a network policy bypass vulnerability in the sandbox exec-server that allows lower-trust callers to reach internal network destinations blocked by OpenClaw policy. Attackers can send HTTP requests through the exec-server to access network resources that...

7.7CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago3 views

PT-2026-60615

OpenClaw versions 2026.4.12-beta.1 before 2026.6.6 contain a missing-authorization vulnerability in the MS Teams message actions feature. When the affected feature is enabled and reachable, a lower-trust caller or a configured input path can perform actions that should have required a stronger...

7.1CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago6 views

PT-2026-60618

OpenClaw before 2026.6.5 could forward Authorization headers during MCP SSE redirects. When the affected feature is enabled and reachable, a lower-trust caller or configured input path could execute or persist actions beyond the caller's intended authorization. Impact depends on the operator's...

6.5CVSS6.2AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago3 views

PT-2026-60624

OpenClaw versions before 2026.5.28 Bot Framework contains an improper input validation vulnerability that allows lower-trust callers to expose bot tokens and credentials by failing to properly validate serviceUrl parameters. Attackers can supply malicious serviceUrl values through configured inpu...

6.5CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago5 views

PT-2026-60627

OpenClaw 2026.5.14-beta.1 before 2026.5.27 contain an authorization flaw in the QQBot exec approvals feature. When the feature is enabled and reachable, a lower-trust caller or configured input path could execute or persist actions beyond the caller's intended authorization, allowing...

8.8CVSS6.2AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago3 views

PT-2026-60628

OpenClaw 2026.1.20 before 2026.5.27 contain an authorization bypass vulnerability in the device.pair.approve feature that allows lower-trust callers to bypass role-management checks. Attackers can perform actions requiring stronger authorization by reaching the affected feature through configured...

8.8CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago6 views

PT-2026-60613

OpenClaw versions 2026.6.1 before 2026.6.9 contain a privilege escalation vulnerability in isolated cron jobs that allows lower-trust callers to regain denied execution tools. Attackers can execute or persist actions beyond their intended authorization by leveraging misconfigured input paths in t...

8.8CVSS6.2AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago3 views

PT-2026-60614

OpenClaw versions before 2026.6.6 contain an environment variable filtering vulnerability in host exec that fails to properly sanitize rustup startup variables. Attackers with lower-trust caller access or configured input paths can execute or persist actions beyond their intended authorization...

8.8CVSS6.2AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago5 views

PT-2026-60617

OpenClaw versions before 2026.6.5 contain an authentication bypass vulnerability that allows lower-trust callers to reach admin-scoped tools. Attackers can perform actions requiring stronger authorization by exploiting insufficient policy checks on configured input paths...

8.8CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago5 views

PT-2026-60619

OpenClaw versions 2026.5.10-beta.1 before 2026.6.5 contain an authorization bypass in the ClickClack agent-mode dispatch feature, which could ignore the toolsAllow policy check. When the affected feature is enabled and reachable, a lower-trust caller or configured input path could perform actions...

8.1CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago3 views

PT-2026-60620

OpenClaw versions before 2026.6.1 contain a denial of service vulnerability where remote media URLs can trigger slow-read attacks that exhaust gateway worker resources. Attackers with access to configured input paths can supply remote media URLs that consume gateway resources and reduce...

6.5CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago5 views

PT-2026-60621

OpenClaw versions before 2026.6.1 contain a credential redaction bypass vulnerability in the trajectory export feature that allows lower-trust callers to access data that should remain within trusted boundaries. Attackers can exploit misconfigured input paths or feature accessibility to expose...

5CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago7 views

PT-2026-60622

OpenClaw before 2026.5.28 contains a race condition in the MS Teams safeFetch DNS rebinding check. When the affected feature is enabled and reachable, a lower-trust caller or configured input path could win a timing window between the DNS validation check and use, allowing actions that should hav...

7.1CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago6 views

PT-2026-60623

OpenClaw versions before 2026.5.27 contain a token leakage vulnerability in MS Teams outbound requests that allows lower-trust callers to expose Bot Framework tokens. Attackers can access configured input paths to retrieve credentials that should remain within the trusted boundary...

6.5CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago3 views

PT-2026-60625

OpenClaw versions before 2026.6.5 contain an authentication bypass vulnerability in HTTP Canvas responses that allows lower-trust callers to forge trusted A2UI actions. Attackers can perform actions requiring stronger authorization by submitting crafted requests through configured input paths,...

8CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago5 views

PT-2026-60626

OpenClaw 2026.4.20 before 2026.5.28 contain a policy bypass in the QQBot media upload feature. A lower-trust caller or configured input path could cause the media upload to reach network destinations that should have been blocked by OpenClaw policy server-side request forgery. The practical impac...

5CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago6 views

PT-2026-60645

Grav Flex-Objects before version 1.4.3 contains a broken access control vulnerability in the admin-next REST API that allows authenticated users with only api.access permission to perform unauthorized CRUD operations on permission-less directories. Attackers with api.access credentials can create...

6.3CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago4 views

PT-2026-60616

OpenClaw versions before 2026.6.9 contain a missing authorization vulnerability in Discord moderation actions. In affected versions, a lower-trust caller or configured input path could perform moderation actions that should have required a stronger authorization or policy check. Practical impact...

7.1CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago9 views

PT-2026-60651

The Grav API plugin getgrav/grav-plugin-api before 1.0.0-rc.16 shipped Access-Control-Allow-Origin: as its default CORS configuration on all responses, including authenticated endpoints and preflight OPTIONS responses. Because the plugin accepts credentials via the Authorization and X-API-Token...

7.1CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added 3 hours ago7 views

PT-2026-60629

OpenClaw 2026.2.12 before 2026.5.26 contain an authorization bypass vulnerability in the hooks allowedAgentIds validation. A lower-trust caller or configured input path can bypass agent ID restrictions by submitting blank agent IDs, allowing actions that should require stronger authorization or...

7.1CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added yesterday6 views

PT-2026-60600

Quicly is an IETF QUIC protocol implementation intended primarily for use within the H2O HTTP server. Prior to commit dccf5d4, Quicly was vulnerable to stateless reset injection through lack of packet entry validation. The QUIC protocol is designed to withstand packet injection attacks, once the...

5.3CVSS6AI score0.00051EPSS
Exploits0References3
ptsecurity
ptsecurity
added yesterday7 views

PT-2026-60588

YAML::Syck versions before 1.47 for Perl allow a use-after-free and double-free via an anchor node freed while still on the parser value stack. In the bundled libsyck, when an anchor name is redefined or removed, syck hdlr add anchor and syck hdlr remove anchor free the node stored under that nam...

6.1AI score
Exploits0References3
ptsecurity
ptsecurity
added yesterday6 views

PT-2026-60599

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

4.6CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added yesterday7 views

PT-2026-60591

Out-of-bounds write vulnerability in Legion of the Bouncy Castle Inc. BC-LTS bcprov-lts8on on ARM allows Overflow Buffers. This vulnerability is associated with program files https://github.Com/bcgit/bc-lts-java/blob/main/native c/arm/sha/shake.C,...

5.6CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added yesterday7 views

PT-2026-60596

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Backup Engine allows an authorized attacker to elevate privileges locally...

7CVSS6.1AI score
Exploits0References2
ptsecurity
ptsecurity
added yesterday6 views

PT-2026-60594

YAML::Syck versions before 1.47 for Perl allow a heap use-after-free via an anchor name reused as an anchors-table key in syck hdlr add anchor. In the bundled libsyck an anchor name allocated by syck strndup is stored both as node-anchor, freed when the node is freed, and as the key in the parser...

6.1AI score
Exploits0References3
ptsecurity
ptsecurity
added yesterday6 views

PT-2026-60593

YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via a signed-char lookup-table index in syck base64dec. The base64 decoder in the bundled libsyck indexes the 256-entry static table b64 xtable with a signed char, so any !!binary byte = 0x80 sign-extends to a negative index and...

6.1AI score
Exploits0References3
ptsecurity
ptsecurity
added yesterday5 views

PT-2026-60592

Quicly is an IETF QUIC protocol implementation intended primarily for use within the H2O HTTP server. Prior to commit 8b178e6, an adversarial peer could send a STREAM frame carrying just one byte at the largest offset being permitted to obtain additional flow control credit, which under certain...

5.3CVSS6AI score0.00051EPSS
Exploits0References3
ptsecurity
ptsecurity
added yesterday6 views

PT-2026-60595

YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via an unbounded newline scan in newline len. In the bundled libsyck newline len and is newline dereference the scan pointer, and the following byte for a "r " pair, with no NUL-terminator or bounds check. During block-scalar...

6.1AI score
Exploits0References4
Total number of security vulnerabilities187352