Lucene search
+L
VulnrichmentRecent

163701 matches found

Vulnrichment
Vulnrichment
added 2026/06/11 8:48 p.m.8 views

CVE-2026-12019

Heap buffer overflow in Codecs in Google Chrome on Linux and ChromeOS prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00253EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:48 p.m.9 views

CVE-2026-12020

Use after free in Autofill in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

5.6AI score0.00224EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:48 p.m.8 views

CVE-2026-12016

Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

5.5AI score0.00229EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:48 p.m.8 views

CVE-2026-12018

Inappropriate implementation in Mojo in Google Chrome on Windows prior to 149.0.7827.115 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: High...

5.4AI score0.0016EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:48 p.m.10 views

CVE-2026-12017

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

5.4AI score0.00208EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:48 p.m.8 views

CVE-2026-12013

...

5.1AI score0.0024EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/11 8:48 p.m.8 views

CVE-2026-12014

Use after free in Cast in Google Chrome prior to 149.0.7827.115 allowed an attacker on the local network segment to potentially perform a sandbox escape via malicious network traffic. Chromium security severity: High...

5.5AI score0.00174EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:48 p.m.10 views

CVE-2026-12015

Use after free in Autofill in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.5AI score0.00227EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:48 p.m.9 views

CVE-2026-12011

Use after free in WebMIDI in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

5.5AI score0.00246EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:48 p.m.10 views

CVE-2026-12012

Use after free in Network in Google Chrome prior to 149.0.7827.115 allowed an attacker in a privileged network position to potentially exploit heap corruption via malicious network traffic. Chromium security severity: High...

5.5AI score0.00225EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:48 p.m.8 views

CVE-2026-12009

Insufficient validation of untrusted input in Accessibility in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

5.5AI score0.00246EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:48 p.m.9 views

CVE-2026-12010

Heap buffer overflow in GPU in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

5.8AI score0.00272EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:48 p.m.8 views

CVE-2026-12007

Use after free in Core in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

6AI score0.00287EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:48 p.m.9 views

CVE-2026-12008

Use after free in DigitalCredentials in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

5.5AI score0.00246EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:46 p.m.9 views

CVE-2026-44249 Netty has an IPv6 Subnet Filter Bypass via Incorrect Comparator Masking

Netty is a network application framework for development of protocol servers and clients. In netty-handler prior to versions 4.1.135.Final and 4.2.15.Final, an attacker can bypass IPv6 subnet rules due to an incorrect masking operation in IpSubnetFilterRule.compareTo. Valid public IP addresses ca...

8.1CVSS5.2AI score0.00573EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/11 8:46 p.m.7 views

CVE-2026-6250 Authenticated Format String Injection on TP-Link Tapo C110

An authenticated format string vulnerability exists in the ONVIF service of Tapo C110 v2 due to improper handling of user-controlled input. Externally controlled data is interpreted as a format string, which can be used to manipulate stack memory, including control flow data such as return...

7CVSS5.5AI score0.00463EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/11 8:10 p.m.23 views

CVE-2026-53819 OpenClaw < 2026.5.27 - Arbitrary Homebrew Executable Execution via Workspace .env Override

OpenClaw before 2026.5.27 contains an arbitrary code execution vulnerability in skill install flows where workspace .env files can override the Homebrew executable selection. Attackers with access to trusted operator workspaces can execute unintended Homebrew-compatible executables during skill...

8.8CVSS6.1AI score0.00298EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:9 p.m.8 views

CVE-2026-53818 OpenClaw < 2026.4.24 - Owner-Only Tool Policy Bypass via MCP Loopback

OpenClaw before 2026.4.24 contains an authorization bypass vulnerability in the MCP loopback feature that allows non-owner callers to skip owner-only tool policies and before-tool-call hooks. Attackers can invoke owner-only behavior through the affected loopback path to execute restricted tools...

6.9CVSS5.4AI score0.00096EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:9 p.m.10 views

CVE-2026-53817 OpenClaw < 2026.5.22 - Control UI Locality Spoofing in Device Pairing

OpenClaw before 2026.5.22 contains a locality validation vulnerability in Control UI pairing that allows attackers with network access to spoof locality information and obtain durable admin-capable device tokens. Attackers can exploit insufficient locality-derived trust validation to convert...

8.8CVSS5.2AI score0.00309EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:9 p.m.11 views

CVE-2026-53816 OpenClaw < 2026.5.18 - Exec Lifecycle Event Forgery via Paired Node

OpenClaw before 2026.5.18 contains an insufficient provenance validation vulnerability in node event handling that allows paired nodes to forge exec lifecycle events without system.run authorization. A malicious or compromised paired node can send crafted node.event messages to the gateway,...

8.6CVSS5.2AI score0.00342EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:8 p.m.13 views

CVE-2026-53815 OpenClaw < 2026.5.19 - Channel Allowlist Bypass in Message Read Actions

OpenClaw before 2026.5.19 contains an authorization bypass vulnerability in message read actions that skips channel allowlist checks. Lower-trust callers can request messages from channels not intended for them by exploiting insufficient validation in the affected feature, potentially exposing...

7.1CVSS5.2AI score0.00215EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:8 p.m.11 views

CVE-2026-53814 OpenClaw < 2026.5.20 - Privilege Escalation via Hook-Triggered CLI MCP Tool Authority

OpenClaw before 2026.5.20 contains a privilege escalation vulnerability where hook-triggered agent runs incorrectly receive owner-scoped MCP loopback authority instead of hook-appropriate scope. Attackers with a valid hook token can exploit the /hooks/agent endpoint to cause spawned CLI runtimes ...

8.7CVSS5.3AI score0.00281EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:8 p.m.11 views

CVE-2026-53813 OpenClaw < 2026.4.25 - Arbitrary Artifact Loading via Fake Package Root Resolution

OpenClaw before 2026.4.25 contains a path traversal vulnerability in memory-core artifact loading where workspace state influences local package root resolution. Attackers with access to affected workspaces can load memory-core artifacts from unintended local locations, potentially executing...

7.8CVSS5.3AI score0.00114EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:7 p.m.10 views

CVE-2026-53812 OpenClaw < 2026.5.18 - Private-Network Navigation Bypass via Browser Act Interactions

OpenClaw before 2026.5.18 contains a server-side request forgery vulnerability in browser control that allows authenticated users to bypass private-network navigation checks through Playwright act interactions. Attackers can trigger navigation to private-network targets via action-triggered...

7.7CVSS5.2AI score0.00247EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:7 p.m.10 views

CVE-2026-53811 OpenClaw < 2026.5.7 - Privilege Escalation via Mutable Display Names in Matrix allowFrom

OpenClaw before 2026.5.7 contains a privilege escalation vulnerability in the Matrix allowFrom feature that allows authenticated accounts to match policy entries through mutable display name metadata. Attackers with the ability to change display names can receive agent access intended for another...

8.8CVSS5.2AI score0.00309EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:7 p.m.8 views

CVE-2026-53810 OpenClaw < 2026.5.18 - Arbitrary Code Execution via Unscanned Marketplace Runtime Extension Metadata

OpenClaw before 2026.5.18 contains a code execution vulnerability where marketplace runtime extension metadata can redirect loading toward unscanned package payloads. Attackers with trusted operator access can manipulate extension metadata to load plugin code outside reviewed package entry points...

8.8CVSS5.8AI score0.00419EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:6 p.m.11 views

CVE-2026-53809 OpenClaw < 2026.4.25 - Provider Alias Confusion in Embedded Runner Policy

OpenClaw before 2026.4.25 contains a policy bypass vulnerability in embedded runner policy that allows requests using provider aliases to compare against aliases instead of canonical provider identities. Attackers can exploit this confusion to select bundled tool access outside intended provider...

4.8CVSS5.3AI score0.00093EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:6 p.m.10 views

CVE-2026-53808 OpenClaw < 2026.5.6 - Approval Policy Bypass in Skill Workshop Apply Flow

OpenClaw before 2026.5.6 contains an approval policy bypass vulnerability in the Skill Workshop apply flow that allows agent tool calls to set apply: true despite approvalPolicy: pending configuration. Attackers can exploit this by reaching the affected apply path to apply workshop changes before...

6.5CVSS5.2AI score0.00194EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:5 p.m.13 views

CVE-2026-53807 OpenClaw < 2026.5.6 - Authorization Bypass in Telegram Interactive Callbacks via commands.allowFrom

OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in Telegram interactive callbacks that allows authenticated users to skip commands.allowFrom validation. Attackers can invoke affected callbacks to mark themselves as authorized senders before allowlist checks are applied,...

8.8CVSS5.2AI score0.00312EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:5 p.m.8 views

CVE-2026-53806 OpenClaw < 2026.5.12 - Shell Option Parsing Bypass in Exec Revalidation

OpenClaw before 2026.5.12 contains a shell option parsing vulnerability that allows combined POSIX shell flags to bypass exec revalidation checks. Attackers can exploit this by using combined shell options to execute inline shell content without intended allowlist validation, potentially enabling...

8.8CVSS5.7AI score0.00419EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:3 p.m.9 views

CVE-2026-41005 UAA accepts SAML Encrypted Assertions authentication bypass

Cloud Foundry UAA incorrectly treated XML encryption to the Service Provider confidentiality as a substitute for XML signatures from the Identity Provider authenticity in two SAML flows: the OAuth 2.0 SAML2 bearer grant token endpoint and browser SSO ACS when wantAssertionSigned is set to false...

9CVSS5.3AI score0.00131EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/11 7:49 p.m.9 views

CVE-2026-50005 Brickcom Cameras Use of Default Credentials

Brickcom cameras ship with default credentials that allows any unauthenticated remote attacker to silently access camera feeds...

8.3CVSS5.3AI score0.00197EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/11 7:48 p.m.9 views

CVE-2026-50245 Brickcom Cameras Missing Authentication for Critical Function

Brickcom cameras allow unauthenticated access to live snapshot images via the /ONVIF endpoint and no authentication is required to retrieve still images from the camera feed...

8.3CVSS5.2AI score0.00156EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/11 7:17 p.m.10 views

CVE-2026-53782 Summarize < 0.17.0 SSRF via podcast:transcript URL fetch

Summarize before 0.17.0 contains a server-side request forgery vulnerability that allows attackers who control a podcast RSS feed to direct the host to fetch transcript content from loopback addresses, link-local addresses, RFC 1918 private ranges, or other reserved destinations by supplying...

7.4CVSS5.3AI score0.00265EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/11 7:11 p.m.11 views

CVE-2026-53781 Summarize < 0.17.0 Disk Exhaustion via Uncapped Media Download

Summarize before 0.17.0 contains a resource exhaustion vulnerability that allows remote attackers to cause disk exhaustion by serving media responses that bypass the enforced size limit through missing or misreported Content-Length headers, chunked transfer encoding, or failed HEAD requests...

5.3CVSS5.3AI score0.00329EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/11 7:4 p.m.8 views

CVE-2026-49973 Hermes WebUI < 0.51.358 Unauthenticated Password Takeover via /api/settings

Hermes WebUI before version 0.51.358 contains an improper access control vulnerability that allows unauthenticated remote attackers to hijack initial setup by submitting the setpassword parameter to the settings API endpoint without any network origin restriction. Attackers on any reachable netwo...

9.4CVSS5.5AI score0.00543EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/11 6:59 p.m.11 views

CVE-2026-45802 FPDI: Memory Exhaustion and Endless Loop in FPDI leads to Denial of Service

FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates in FPDF. Prior to version 2.6.7, an attacker can upload a small, malicious PDF file that will cause the server-side script to crash due to memory exhaustion or a script...

6CVSS5.3AI score0.00259EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/11 6:57 p.m.9 views

CVE-2026-45175 Idira Endpoint Privilege Manager Agent: Security Control and Cryptographic Validation Bypass in Internal Agent Validation Processes

Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within internal agent validation processes. A local attacker could potentially bypass built-in security controls or cryptographic validations. Under specific circumstances, this could allow the attacker ...

8.5CVSS5.4AI score0.00128EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/11 6:55 p.m.10 views

CVE-2026-46489 SolidInvoice: Unrestricted file upload with no MIME validation allows stored XSS via malicious SVG logo

SolidInvoice is an open-source invoicing platform. Prior to version 2.3.17, the company logo upload feature accepts any file type without validation. An authenticated administrator can upload an SVG file containing embedded JavaScript. This script is base64-encoded and injected unescaped into eve...

8.1CVSS4.8AI score0.0031EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/11 6:55 p.m.16 views

CVE-2026-49949 CodexBar < 0.33.0 Credential Leakage via HTTP Redirect

CodexBar before 0.33.0 contains a credential forwarding vulnerability that allows network-adjacent attackers to intercept sensitive credentials by issuing cross-origin or HTTP-downgrade redirects to the shared ProviderHTTPClient transport. Attackers can redirect credentialed provider requests...

6CVSS5.2AI score0.00253EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/11 6:55 p.m.7 views

CVE-2026-46622 SolidInvoice: API tokens stored as plaintext in the database allowing full credential compromise on database breach

SolidInvoice is an open-source invoicing platform. Prior to version 2.3.17, API tokens used to authenticate all REST API requests are stored as plaintext strings in the apitokens database table. Any attacker who obtains read access to the database — through SQL injection, a leaked backup, a...

8.1CVSS5.6AI score0.00197EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/11 6:49 p.m.10 views

CVE-2026-47181 PenguinMod-BackendApi: NoSQL Injection in Password Reset Endpoint Allows Account Takeover

PenguinMod-BackendApi is the backend api for penguinmod. Prior to version 1.0.0, a NoSQL injection vulnerability in the password reset endpoint allows any authenticated user to change the password of an account, leading to full account takeover. An attacker only needs a registered account and a...

8.7CVSS5.3AI score0.00251EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/11 6:49 p.m.12 views

CVE-2026-45176 Idira Endpoint Privilege Manager Agent: Local Privilege Escalation via Internal Communication or File Operation Manipulation

Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within high-privileged agent components. A local, low-privileged attacker could exploit this by manipulating an internal communication mechanism or file operation. Under specific circumstances, this coul...

8.9CVSS5.5AI score0.00124EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/11 6:47 p.m.12 views

CVE-2025-30431

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app may be able to access private information...

5.4AI score0.00127EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/11 6:47 p.m.12 views

CVE-2025-24268

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.4. An app may be able to access sensitive user data...

5.4AI score0.0014EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/11 6:47 p.m.8 views

CVE-2025-43339

An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26.1. A malicious app may be able to access sensitive user data...

5.4AI score0.00112EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/11 6:47 p.m.9 views

CVE-2025-46315

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to access protected user data...

5.4AI score0.0027EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/11 6:47 p.m.12 views

CVE-2025-46293

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data...

5.4AI score0.0014EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/11 6:47 p.m.9 views

CVE-2025-31272

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app may be able to bypass launch constraint protections and execute malicious code with elevated privileges...

5.6AI score0.00115EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/11 6:47 p.m.10 views

CVE-2025-30459

A privacy issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.4. An app may be able to access sensitive user data...

5.4AI score0.00122EPSS
Exploits0References1
Total number of security vulnerabilities163701