Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: GIS). Supported versions that are affected are 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Partition). Supported versions that are affected are 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.45. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
October CMS versions prior to 3.7.14 and 4.1.10 allow authenticated backend users with Editor permissions to read arbitrary server files by crafting malicious CSS preprocessor files (.less, .sass, .scss) that exploit the compiler's import functionality. The vulnerability persists even when cms.safe_mode is enabled, enabling high-confidence information disclosure of sensitive configuration files, credentials, and application source code without requiring administrative privileges.
OpenClaw before version 2026.3.31 contains a server-side request forgery (SSRF) vulnerability in the marketplace plugin download functionality, where unguarded fetch() calls allow authenticated users with user interaction to make arbitrary network requests on behalf of the affected system. Remote attackers can access internal resources or interact with external services, potentially disclosing sensitive data or compromising internal infrastructure; no public exploit code or active exploitation has been identified at time of analysis.
OpenClaw before version 2026.3.31 allows authenticated users to exploit server-side request forgery (SSRF) through unvalidated HTTP redirects in the marketplace plugin download functionality, enabling access to internal resources and potential information disclosure. The marketplace.ts module fails to validate redirect destinations during archive downloads, permitting remote attackers with valid credentials and user interaction to redirect requests to arbitrary internal or external servers. Real-world exploitation is limited by authentication and interaction requirements, keeping the baseline CVSS at 4.8 (medium), though impact depends on network exposure of internal services.
Authentication bypass in mitmproxy 12.2.1 and below allows remote attackers to bypass LDAP-based proxy authentication through unsanitized username injection. The vulnerability affects only instances explicitly configured with the proxyauth option using LDAP authentication, which is disabled by default. Attackers can exploit this over the network without authentication or user interaction to gain unauthorized access to proxied connections.
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: User Interface). Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Analytical Applications Infrastructure. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Financial Services Analytical Applications Infrastructure accessible data. CVSS 3.1 Base Score 4.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N).
Time-of-check Time-of-use (TOCTOU) race condition in Spring Security's JdbcOneTimeTokenService allows unauthenticated remote attackers to bypass one-time token validation and gain unauthorized access. Affected versions include 6.4.0-6.4.15, 6.5.0-6.5.9, and 7.0.0-7.0.4. The vulnerability requires explicit configuration of One-Time Token login and involves high attack complexity, limiting real-world exploitation despite network accessibility.
nesquena hermes-webui contains an environment variable leakage vulnerability where profile switching does not clear environment variables from the previously active profile before loading the next profile. Attackers or users can exploit additive dotenv reload behavior to access provider API keys and other sensitive secrets from one profile context in another profile, breaking expected security isolation between profiles.
Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Personalization). Supported versions that are affected are 12.2.9-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Applications Framework. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Applications Framework accessible data as well as unauthorized read access to a subset of Oracle Applications Framework accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Applications Framework. CVSS 3.1 Base Score 4.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L).
OpenBao 2.5.2 and earlier fails to properly quote PostgreSQL schema names during role revocation in the PostgreSQL database secrets engine, allowing authenticated high-privilege administrators to execute arbitrary SQL injection as the database management user. The vulnerability affects the credentials management workflow when revoking database roles, potentially compromising database integrity. A vendor-released patch (version 2.5.3) is available.
Stored cross-site scripting in Website LLMs.txt plugin for WordPress versions up to 8.2.6 allows authenticated administrators to inject arbitrary JavaScript into plugin settings that executes when any user visits affected pages. The vulnerability requires high privilege level (PR:H) and occurs only in multi-site installations or where unfiltered_html capability is disabled. No public exploit code or active exploitation has been identified.
Responsive Blocks - Page Builder for Blocks & Patterns plugin for WordPress versions up to 2.2.1 allows authenticated contributors and higher to modify global site-wide plugin configuration, including custom CSS settings, block availability, layout defaults (content width, padding, gap), and auto-recovery behavior due to missing authorization checks. This capability escalation bypasses intended role-based access control, enabling lower-privileged users to degrade site functionality and inject CSS-based attacks. No public exploit code or active exploitation confirmed at time of analysis; CVSS 4.3 (low) reflects the authentication requirement and integrity-only impact, but real-world risk depends on contributor population and site governance.
Improper session timeout handling in Fortra GoAnywhere MFT prior to version 7.10.0 allows unauthenticated remote attackers to bypass SAML authentication and redirect users to the regular login page, potentially enabling credential harvesting or session hijacking attacks. The vulnerability requires user interaction (clicking a malicious link or visiting a crafted URL) but affects all web users configured with SAML single sign-on, creating an information disclosure risk through unexpected authentication flow exposure.
Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Product Quality Management). The supported version that is affected is 6.2.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Agile Product Lifecycle Management for Process. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Agile Product Lifecycle Management for Process accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).
FreeScout prior to version 1.8.215 leaks confidential help desk conversations to authenticated users through global search and AJAX filter endpoints, bypassing per-conversation access controls that should restrict visibility to assigned agents. An authenticated user with any level of helpdesk access can enumerate and view conversations they should not have permission to access via non-folder query builders, revealing sensitive customer and internal communication that the application explicitly restricts in folder views.
FreeScout prior to version 1.8.214 permits authenticated users to modify hidden customer profiles through email-based object reuse in the customer creation endpoint. By supplying an email address already associated with a hidden customer via POST /customers/ajax?action=create, an attacker can bypass unique-email validation and populate that customer's empty profile fields with arbitrary data, enabling account takeover or data manipulation without administrative privileges.
NVIDIA KAI Scheduler contains an improper authorization vulnerability allowing authenticated attackers to reference pods across Kubernetes namespaces they do not own, enabling data tampering. The vulnerability requires valid credentials and network access to the scheduler but does not permit confidentiality breaches or denial of service. CVSS 4.3 (low) reflects authenticated access requirement and integrity impact only; no active exploitation or public POC identified.
Denial-of-service in OpenBSD slaacd and rad daemons allows local network attackers to trigger infinite loops by sending crafted ICMPv6 Neighbor Discovery packets with zero-length options, causing affected daemons to hang due to missing validation of the nd_opt_len field before arithmetic operations. OpenBSD versions through 7.8 are affected. No evidence of active exploitation has been identified.
Server-Side Request Forgery (SSRF) in FreeScout versions before 1.8.213 allows authenticated administrators to probe internal networks and fingerprint services via unvalidated IMAP and SMTP connection test functionality. Three AJAX actions in MailboxesController pass attacker-controlled server hostnames and ports directly to fsockopen() and protocol clients without IP validation, hostname restrictions, or internal-range blocklists, enabling port scanning and service banner disclosure through IMAP debug logs and AJAX responses. The vulnerability requires admin authentication but affects confidentiality of internal infrastructure.
Vulnerability in the Oracle User Management product of Oracle E-Business Suite (component: Workflow and Business Events). Supported versions that are affected are 12.2.7-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle User Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle User Management accessible data as well as unauthorized read access to a subset of Oracle User Management accessible data. CVSS 3.1 Base Score 3.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N).
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
BACnet Stack prior to version 1.4.3 exhibits undefined behavior in the decode_signed32() function when processing signed-integer property values containing bytes with the high bit set, causing denial of service through integer overflow. Network-remote attackers can trigger this vulnerability by sending specially crafted BACnet packets with high-bit-set byte sequences, resulting in application instability or crash on embedded systems running vulnerable versions. The vulnerability is confirmed fixed in version 1.4.3.
Vulnerability in Oracle Java SE (component: Libraries). The supported version that is affected is Oracle Java SE: 25.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
HTTP request smuggling in HCL BigFix Service Management allows remote unauthenticated attackers to exploit HTTP parsing inconsistencies between front-end and back-end servers, potentially leading to limited information disclosure through cache poisoning or request hijacking attacks. The vulnerability has a CVSS score of 3.7 with low confidentiality impact but no direct availability or integrity impact.
October CMS versions prior to 3.7.16 and 4.1.16 fail to enforce fine-grained sub-permission checks for asset and blueprint file operations in the CMS and Tailor editor extensions, allowing backend users with editor access but explicitly withheld editor.cms_assets or editor.tailor_blueprints permissions to perform unauthorized file operations (create, delete, rename, move, upload) on theme assets and blueprint files. Additionally, an operator precedence error discloses the theme blueprint directory tree under the same conditions. This affects an uncommon permission configuration where high-privileged users have granular restrictions selectively applied.
Honor PcManager contains a privilege bypass vulnerability allowing local attackers without privileges to impact service availability through a type-confusion mechanism. The vulnerability requires high attack complexity and local access, resulting in a CVSS 3.2 (low severity) score with confidentiality and integrity impact ruled out. No active exploitation or public exploit code has been identified at the time of analysis.
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 3.2 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N).
Disk exhaustion via decompression bomb in OpenBao's OCI plugin downloader allows network attackers to exhaust victim disk resources by serving a crafted container image. The vulnerability exists in ExtractPluginFromImage() which writes decompressed tar streams without size bounds, and validates SHA256 integrity only after the full file is written to disk. An attacker controlling or compromising the OCI registry can replace legitimate plugin images with malicious compressed payloads that decompress to arbitrarily large files, causing denial of service. OpenBao versions prior to 2.5.3 are affected; the CVSS score of 3.1 reflects low impact (availability only) but the attack requires the victim to manually trigger plugin extraction with a compromised registry configured.
Reflected cross-site scripting (XSS) in October CMS backend DataTable widget allows unauthenticated remote attackers to inject arbitrary JavaScript via a query parameter, requiring user interaction to execute malicious code. The vulnerability affects versions prior to 3.7.16 and 4.1.16, with a low severity CVSS score of 3.1 reflecting the requirement for high attack complexity and user clicking a malicious link.
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 2.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 2.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).
Vulnerability in the RDBMS component of Oracle Database Server. Supported versions that are affected are 19.3-19.30. Easily exploitable vulnerability allows high privileged attacker having Row Access Method privilege with network access via multiple protocols to compromise RDBMS. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of RDBMS accessible data. CVSS 3.1 Base Score 2.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N).
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 2.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L).
OpenBao versions prior to 2.5.3 allow high-privileged administrators in one tenant to revoke or renew authentication tokens belonging to users in other tenants if the token accessor is disclosed, bypassing the multi-tenant isolation guarantee. The vulnerability requires high privilege level and user interaction but undermines the core security boundary of OpenBao's namespace-based multi-tenancy model. No active exploitation has been reported.
OpenBao's Certificate authentication method with disable_binding=true allows token renewal using any sibling certificate signed by the same CA, rather than requiring the original certificate, enabling attackers with knowledge of a token or accessor to extend dynamic lease lifetimes beyond intended scope. The vulnerability affects OpenBao versions prior to 2.5.3 and requires high privileges and user interaction, resulting in a CVSS 2.0 score with low confidentiality and integrity impact. No public exploit code or active exploitation has been identified.
OpenClaw before version 2026.3.31 fails to sanitize environment variables in its host exec policy, allowing authenticated local attackers to override proxy, TLS, Docker, and Git TLS security controls. An attacker with local access and limited privileges can bypass intended security restrictions by injecting malicious environment variables, potentially disabling certificate verification or redirecting traffic through unauthorized proxies. No public exploit code has been identified, and the vulnerability requires process interaction (AT:P) to trigger.