Skip to main content
CVE-2026-4512 LOW POC PATCH Monitor

reCaptcha by WebDesignBy WordPress plugin before version 2.0 fails to sanitize the Site Key setting before injecting it into JavaScript context via the grecaptcha_js() function, enabling site administrators without unfiltered_html capability on multisite installations to inject arbitrary JavaScript that executes for all login page visitors. Publicly available exploit code exists; patch released by vendor.

WordPress XSS
NVD WPScan VulDB
CVSS 3.1
3.5
EPSS
0.0%
CVE-2026-6878 LOW POC GHSA Monitor

Sandbox bypass in ByteDance verl up to version 0.7.0 allows remote attackers to achieve limited information disclosure through manipulation of the math_equal function in prime_math/grader.py. The vulnerability requires high attack complexity and has been publicly documented with exploit code available, though the vendor has not responded to early disclosure attempts.

Information Disclosure Verl
NVD VulDB GitHub
CVSS 4.0
2.9
EPSS
0.0%
CVE-2026-2708 LOW Monitor

A request smuggling vulnerability exists in libsoup's HTTP/1 header parsing logic. The soup_message_headers_append_common() function in libsoup/soup-message-headers.c unconditionally appends each header value without validating for duplicate or conflicting Content-Length fields. This allows an attacker to send HTTP requests containing multiple Content-Length headers with differing values.

Information Disclosure Request Smuggling Red Hat Enterprise Linux 10 Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 +2
NVD VulDB
CVSS 3.1
3.7
EPSS
0.0%
CVE-2026-1272 LOW Monitor

IBM Guardium Data Protection 12.0 through 12.2 contains a security misconfiguration in the user access control panel that allows high-privilege administrators to modify integrity settings without proper authorization constraints. The vulnerability is remotely accessible and requires existing administrative credentials, resulting in limited integrity impact with no confidentiality or availability effect. CVSS score of 2.7 reflects the low risk profile due to required administrative authentication and minimal scope of impact.

Information Disclosure IBM
NVD VulDB
CVSS 3.1
2.7
EPSS
0.0%
CVE-2026-41988 LOW PATCH Monitor

UUID library versions before 14.0.0 make unexpected writes to external output buffers when generating UUID versions 3, 5, or 6, potentially corrupting adjacent memory. UUID version 4, the most commonly deployed variant, is unaffected. The vulnerability requires local access and non-default buffer configuration to exploit, resulting in integrity compromise rather than code execution or availability impact.

Information Disclosure Uuid
NVD GitHub VulDB
CVSS 3.1
2.5
EPSS
0.0%
CVE-2026-41356 LOW PATCH Monitor

OpenClaw before 2026.3.31 fails to terminate active WebSocket sessions when rotating device tokens. Attackers with previously compromised credentials can maintain unauthorized access through existing WebSocket connections after token rotation.

Authentication Bypass Openclaw
NVD GitHub VulDB
CVSS 4.0
2.3
EPSS
0.0%
CVE-2026-41348 LOW PATCH Monitor

OpenClaw before 2026.3.31 contains an authorization bypass vulnerability in Discord slash command and autocomplete paths that fail to enforce group DM channel allowlist restrictions. Authorized Discord users can bypass channel restrictions by invoking slash commands, allowing access to restricted group DM channels.

Authentication Bypass Openclaw
NVD GitHub
CVSS 4.0
2.3
EPSS
0.0%
CVE-2026-41908 LOW PATCH Monitor

OpenClaw before 2026.4.20 contains a scope enforcement bypass vulnerability in the assistant-media route that allows trusted-proxy callers without operator.read scope to access protected assistant-media files and metadata. Attackers can bypass identity-bearing HTTP auth path scope validation to retrieve sensitive media content within allowed media roots.

Authentication Bypass Openclaw
NVD GitHub
CVSS 4.0
2.3
EPSS
0.0%
CVE-2026-41358 LOW POC PATCH GHSA Monitor

OpenClaw before 2026.4.2 fails to filter Slack thread context by sender allowlist, allowing non-allowlisted messages to enter agent context. Attackers can inject unauthorized thread messages through allowlisted user replies to bypass sender access controls and manipulate model context.

Authentication Bypass Openclaw
NVD GitHub
CVSS 4.0
2.3
EPSS
0.0%
CVE-2026-41347 LOW PATCH Monitor

OpenClaw before 2026.3.31 lacks browser-origin validation in HTTP operator endpoints when operating in trusted-proxy mode, allowing cross-site request forgery attacks. Attackers can exploit this by sending malicious requests from a browser in trusted-proxy deployments to perform unauthorized actions on HTTP operator endpoints.

CSRF Openclaw
NVD GitHub VulDB
CVSS 4.0
2.3
EPSS
0.0%
CVE-2026-41341 LOW PATCH Monitor

OpenClaw before 2026.3.31 contains a logic error in Discord component interaction routing that misclassifies group direct messages as direct messages in extensions/discord/src/monitor/agent-components-helpers.ts. Attackers can exploit this misclassification to bypass group DM policy enforcement or trigger incorrect session handling.

Authentication Bypass Openclaw
NVD GitHub VulDB
CVSS 4.0
2.3
EPSS
0.0%
CVE-2026-41321 LOW PATCH GHSA Monitor

{ redirect: 'manual' }`. This is an incomplete fix for GHSA-qpr4-c339-7vq8. Confirmed on HEAD. `image-binding-transform.ts` line 28: const content = await (isRemotePath(href) ? fetch(imageSrc) : assets.fetch(imageSrc)); Missing `{ redirect: 'manual' }`. The three protected paths: // image-passthrough-endpoint.ts:23 response = await fetch(href, { redirect: 'manual' }); // assets/endpoint/shared.ts:11 const res = await fetch(src, { redirect: 'manual' }); // assets/utils/remoteProbe.ts:53 const response = await fetch(url, { redirect: 'manual' }); Demonstrated with Node.js that `fetch()` without `redirect: 'manual'` follows 302 redirects to arbitrary destinations: fetch('http://allowed:19741/img.jpg') → follows 302 → hits http://internal:19742/secret fetch('http://allowed:19741/img.jpg', {redirect:'manual'}) → returns 302, internal server NOT hit Attack path: attacker finds an open redirect on an allowed domain, crafts `/_image?href=https://allowed-cdn.com/redirect?url=http://internal-service/`, and the Worker follows the redirect to the unauthorized destination. Bypasses the `image.domains` and `image.remotePatterns` allowlist for the default Cloudflare image service (`cloudflare-binding`). Enables blind SSRF to domains not in the allowlist. Same vulnerability class as GHSA-qpr4-c339-7vq8 (HIGH) which fixed the passthrough endpoint but missed this one. const content = await (isRemotePath(href) ? fetch(imageSrc, { redirect: 'manual' }) : assets.fetch(imageSrc));

Node.js SSRF Open Redirect Cloudflare
NVD GitHub
CVSS 3.1
2.2
EPSS
0.0%
CVE-2026-6874 LOW GHSA Monitor

Reliance on reverse DNS resolution in ericc-ch copilot-api up to version 0.7.0 allows authenticated remote attackers to manipulate the Host header in the /token endpoint, leading to information disclosure. The vulnerability affects the Header Handler component and has been publicly disclosed with exploit code available; the vendor did not respond to early disclosure notification.

Information Disclosure
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-41357 LOW PATCH Monitor

OpenClaw before 2026.3.31 contains an environment variable leakage vulnerability in SSH-based sandbox backends that pass unsanitized process.env to child processes. Attackers can exploit this by leveraging non-default SSH environment forwarding configurations to leak sensitive environment variables from parent processes to SSH child processes.

Information Disclosure Openclaw
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy