251 CVEs tracked today. 12 Critical, 102 High, 94 Medium, 43 Low.
-
CVE-2026-32644
CRITICAL
CVSS 9.2
Milesight AIOT cameras ship with hardcoded SSL private keys enabling remote man-in-the-middle attacks and credential interception. Remote unauthenticated attackers can decrypt TLS traffic, impersonate camera services, and potentially gain administrative access to affected devices. CISA ICS-CERT published advisory ICSA-26-113-03 for this industrial/IoT vulnerability affecting network-connected surveillance infrastructure.
Information Disclosure
-
CVE-2026-41446
CRITICAL
CVSS 9.2
Snap One WattBox 800 and 820 series firmware versions prior to 2.10.0.0 contain undisclosed diagnostic HTTP endpoints that require only the device MAC address and service tag for authentication, both of which are printed in plaintext on the physical device label. Attackers with access to the device ...
Authentication Bypass
-
CVE-2026-41386
CRITICAL
CVSS 9.1
Privilege escalation in OpenClaw allows remote unauthenticated attackers to elevate privileges beyond intended device roles during first-use pairing. The vulnerability stems from bootstrap setup codes lacking proper binding to device roles and scopes, enabling attackers to exploit the pairing process with low complexity and no user interaction. VulnCheck reported this issue, and a vendor patch is available as of 2026.3.22. While no active exploitation has been confirmed (not in CISA KEV), the network attack vector (AV:N) and absence of authentication requirements (PR:N) create significant exposure for organizations deploying new OpenClaw instances.
Privilege Escalation
-
CVE-2026-40976
CRITICAL
CVSS 9.1
Authentication bypass in Spring Boot 4.0.0-4.0.5 allows remote unauthenticated attackers to access all application endpoints, bypassing default web security filters entirely. Affects servlet-based applications using spring-boot-actuator-autoconfigure without custom Spring Security configuration and without spring-boot-health dependency. Vendor patch released (upgrade to 4.0.6+). No public exploit code identified at time of analysis, but CVSS 9.1 with network attack vector (AV:N/AC:L/PR:N) indicates trivial exploitation once configuration prerequisites are met.
Authentication Bypass
Java
Red Hat
-
CVE-2026-32649
HIGH
CVSS 7.3
Command injection in Milesight camera web servers allows authenticated administrators with user interaction to execute arbitrary operating system commands. CISA ICS-CERT issued an advisory (ICSA-26-113-03), indicating operational technology/critical infrastructure relevance. Successful exploitation achieves complete compromise of camera confidentiality and integrity. Attack requires privileged credentials (admin-level) and user interaction, significantly limiting real-world exploitation scenarios compared to unauthenticated remote attacks.
Command Injection
-
CVE-2026-27785
HIGH
CVSS 7.7
Hard-coded credentials in Milesight AIOT camera firmware allow adjacent network attackers to gain full system access without authentication. CISA ICS-CERT has published an advisory, indicating industrial/IoT deployment concern. The CVSS 7.7 score reflects adjacent network vector (AV:A) with low complexity (AC:L) and no authentication required (PR:N), enabling complete compromise of confidentiality, integrity, and availability on vulnerable devices. Firmware-level credential hardcoding (CWE-798) cannot be disabled through configuration changes, making patching critical for exposed industrial camera deployments.
Authentication Bypass
-
CVE-2026-27760
CRITICAL
CVSS 9.2
Remote code execution in OpenCATS installer allows unauthenticated attackers to inject and execute arbitrary PHP code by manipulating the AJAX endpoint's databaseConnectivity action parameter. The injected code persists in config.php and executes on every page load while the installation wizard remains incomplete. Publicly available exploit code demonstrates breakout from define() string context using quote and statement separator techniques. Patch available via GitHub commit 3002a29, though CVSS AC:H (high complexity) suggests exploitation requires specific timing or environmental conditions during installation phase.
PHP
RCE
Code Injection
-
CVE-2026-24178
CRITICAL
CVSS 9.8
Authentication bypass in NVIDIA NVFlare Dashboard allows remote unauthenticated attackers to escalate privileges through user-controlled key manipulation in the authentication system. The vulnerability affects the NVIDIA Flare SDK and enables complete system compromise including arbitrary code execution, data tampering, information disclosure, and denial of service. With a CVSS score of 9.8 (critical severity) and maximum exploitability metrics (AV:N/AC:L/PR:N/UI:N), this represents a severe security flaw requiring immediate remediation, though no active exploitation (KEV) or public exploit code has been identified at time of analysis.
Authentication Bypass
Privilege Escalation
RCE
Denial Of Service
Information Disclosure
-
CVE-2026-20766
HIGH
CVSS 8.6
Out-of-bounds memory access in Milesight AIOT camera firmware enables remote attackers to achieve high-severity impacts on confidentiality, integrity, and availability when users interact with malicious content. CISA ICS-CERT has issued an advisory for this industrial IoT vulnerability. With network attack vector (AV:N) and low complexity (AC:L) but requiring user interaction (UI:A), the vulnerability presents significant risk to operational technology environments where these cameras are deployed for industrial surveillance and monitoring applications.
Buffer Overflow
Heap Overflow
-
CVE-2026-7333
CRITICAL
CVSS 9.6
Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Denial Of Service
Google
Use After Free
Memory Corruption
Red Hat
-
CVE-2026-7321
CRITICAL
CVSS 9.6
Sandbox escape in Mozilla Firefox's WebRTC networking component allows remote attackers to break out of browser process isolation and execute code outside the sandbox with high integrity and confidentiality impact. Firefox ESR 140.10.1 fixes this critical boundary condition flaw (CWE-120). User interaction is required (visiting a malicious site), but no authentication is needed. EPSS data not provided. Not listed in CISA KEV at time of analysis, indicating no confirmed widespread active exploitation.
Buffer Overflow
Red Hat
Mozilla
Suse
-
CVE-2026-5779
CRITICAL
CVSS 9.4
Insecure direct object reference in MphRx Minerva V3.6.0 allows authenticated attackers to modify arbitrary user profiles via the '/minerva/user/updateUserProfile' endpoint, enabling account takeover by changing victim email addresses and triggering password reset flows. Reported by INCIBE-CERT with authentication bypass tags, indicating likely real-world discovery during security assessment. CVSS 9.4 reflects high confidentiality, integrity, and scope impacts (VC:H/VI:H/SC:H/SI:H), though the PR:L requirement (low-privileged authenticated access) limits initial attack surface to users with valid credentials.
Authentication Bypass
-
CVE-2026-3893
CRITICAL
CVSS 9.4
Carlson Software VASCO-B GNSS receivers allow remote unauthenticated attackers to fully access and modify device configuration and operational functions due to complete absence of authentication controls (CWE-306). The network-accessible interface requires no credentials, enabling attackers to compromise device integrity and availability with low attack complexity. EPSS and KEV status not provided in available data; exploitation requires only network connectivity to the device management interface, typical in surveying and precision agriculture deployments where GNSS receivers may be exposed on operational networks.
Authentication Bypass
-
CVE-2025-60889
CRITICAL
CVSS 9.8
Remote code execution in StellarGroup HPX 1.11.0 allows unauthenticated attackers to execute arbitrary code through insecure deserialization of untrusted input. Publicly available exploit code exists (GitHub Gist POC) with CISA SSVC classifying this as automatable with total technical impact, though EPSS indicates only 2% probability of exploitation in the wild. The CWE-502 vulnerability enables complete system compromise when untrusted data is deserialized under specific deployment conditions not detailed in the description.
RCE
Deserialization
-
CVE-2026-41873
CRITICAL
CVSS 9.8
HTTP request smuggling in Apache Pony Mail (Lua implementation) enables remote unauthenticated attackers to achieve complete admin account takeover with critical impact across confidentiality, integrity, and availability. This affects all versions of the retired Lua codebase - Apache has abandoned support with no patch planned, recommending migration to alternative solutions. CVSS 9.8 critical severity reflects trivial network-based exploitation requiring no authentication or user interaction.
Python
Information Disclosure
Request Smuggling
-
CVE-2026-42432
HIGH
CVSS 7.3
OpenClaw before 2026.4.8 contains a privilege escalation vulnerability allowing previously paired nodes to reconnect with exec-capable commands without operator.admin scope requirement. Attackers can bypass re-pairing authentication to execute privileged commands on the local assistant system.
Authentication Bypass
Privilege Escalation
-
CVE-2026-42431
HIGH
CVSS 7.6
OpenClaw before 2026.4.8 contains a security bypass vulnerability in node.invoke(browser.proxy) that allows mutation of persistent browser profiles. Attackers can exploit this path to circumvent the browser.request persistent profile-mutation guard and modify browser configurations.
Authentication Bypass
-
CVE-2026-42428
HIGH
CVSS 7.5
OpenClaw versions before 2026.4.8 fail to enforce integrity verification on downloaded plugin archives. Attackers can install malicious or tampered plugin packages without detection, compromising the local assistant environment.
Information Disclosure
-
CVE-2026-42426
HIGH
CVSS 8.7
OpenClaw before 2026.4.8 contains an improper authorization vulnerability where the node.pair.approve method accepts operator.write scope instead of the narrower operator.pairing scope, allowing unprivileged users to approve node pairing. Attackers with operator.write permissions can bypass pairing ...
Authentication Bypass
-
CVE-2026-42423
HIGH
CVSS 7.7
OpenClaw before 2026.4.8 contains an approval-timeout fallback mechanism that bypasses strictInlineEval explicit-approval requirements on gateway and node exec hosts. Attackers can exploit this timeout fallback to execute inline eval commands that should require explicit user approval, circumventing...
Authentication Bypass
-
CVE-2026-42422
HIGH
CVSS 7.7
OpenClaw before 2026.4.8 contains a role bypass vulnerability in the device.token.rotate function that allows minting tokens for unapproved roles. Attackers can bypass device role-upgrade pairing to preserve or mint roles and scopes that had not undergone intended approval.
Authentication Bypass
-
CVE-2026-42167
HIGH
CVSS 8.1
mod_sql in ProFTPD before 1.3.10rc1 allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands (e.g., COPY TO PROGRAM).
RCE
SQLi
Suse
-
CVE-2026-41649
HIGH
CVSS 7.7
Outline is a service that allows for collaborative documentation. The `shares.create` API endpoint starting in version 0.86.0 and prior to version 1.7.0 has an insecure direct object reference. When both `collectionId` and `documentId` are provided in the request, the authorization logic only check...
Authentication Bypass
-
CVE-2026-41636
HIGH
CVSS 8.7
Uncontrolled recursion in Apache Thrift Node.js library's skip() function enables remote denial of service via crafted protocol messages. Attacker sends specially-crafted Thrift messages triggering deep recursion in the skip() deserialization routine, exhausting stack memory and crashing the Node.js process. CVSS 8.7 High severity with network attack vector requiring no authentication. Disclosed via oss-security mailing list on 2026-04-28 alongside three related Thrift vulnerabilities (C++ JSON OOB read CVE-2026-41607, c_glib dispatch stack overflow CVE-2026-41606, Swift Compact Protocol issue CVE-2026-41605), suggesting coordinated security audit results. EPSS data not yet available for 2026 CVE.
Buffer Overflow
Apache
Node.js
Red Hat
Suse
-
CVE-2026-41605
HIGH
CVSS 7.3
Integer overflow in Apache Thrift Swift Compact Protocol implementation versions prior to 0.23.0 enables remote unauthenticated attackers to achieve partial confidentiality, integrity, and availability impact. This is one of six related vulnerabilities disclosed simultaneously affecting multiple Apache Thrift language implementations (Swift, Node.js, C++, c_glib, Go). EPSS score of 0.02% (5th percentile) indicates low current exploitation probability, with no active exploitation confirmed by CISA KEV at time of analysis. Vendor-released patch version 0.23.0 addresses this and related Thrift implementation flaws.
Denial Of Service
Apache
Node.js
Integer Overflow
Red Hat
-
CVE-2026-41604
HIGH
CVSS 8.2
Out-of-bounds read vulnerability in Apache Thrift Swift implementation allows remote unauthenticated attackers to trigger denial of service and disclose limited memory contents via malformed skip() operations during protocol deserialization. Affects all versions prior to 0.23.0, with publicly disclosed exploit details on oss-security mailing list. EPSS exploitation probability remains low (5th percentile) despite network-accessible attack vector, suggesting limited real-world targeting to date. Vendor patch released in version 0.23.0 addresses all six concurrently disclosed Thrift vulnerabilities (CVE-2026-41602 through CVE-2026-41607).
Buffer Overflow
Apache
Java
Information Disclosure
Red Hat
-
CVE-2026-41603
HIGH
CVSS 7.4
Apache Thrift Java TSSLTransportFactory fails to verify server hostnames in TLS connections, enabling man-in-the-middle attacks against versions prior to 0.23.0. This CWE-297 (improper certificate validation) vulnerability allows network attackers with high complexity positioning to intercept and modify encrypted communications without authentication. EPSS exploitation probability is low (0.01%, 1st percentile), with no KEV listing or public exploit code identified at time of analysis. Vendor patch available in Thrift 0.23.0.
Denial Of Service
Apache
Java
Red Hat
Suse
-
CVE-2026-41602
HIGH
CVSS 7.5
Integer overflow in Apache Thrift's Go TFramedTransport implementation allows remote unauthenticated attackers to crash server processes via specially crafted uint32 values. Affects all Thrift versions prior to 0.23.0 with EPSS score of 0.02% (low exploitation probability). This is one of six related vulnerabilities disclosed simultaneously affecting different Thrift language bindings (Go, Swift, Java, c_glib), indicating coordinated security audit findings. Vendor patch available in version 0.23.0 released April 2026.
Denial Of Service
Apache
Java
Integer Overflow
Red Hat
-
CVE-2026-41405
HIGH
CVSS 8.7
Resource exhaustion in OpenClaw before 2026.3.31 allows remote unauthenticated attackers to crash servers by sending malicious Microsoft Teams webhook payloads. The application parses request bodies before performing JWT validation, enabling attackers to bypass authentication and trigger denial-of-service conditions. A vendor patch is available via GitHub commit 3834d47, with no evidence of active exploitation (not in CISA KEV) and no public POC identified at time of analysis.
Denial Of Service
-
CVE-2026-41404
HIGH
CVSS 7.7
Privilege escalation in OpenClaw's trusted-proxy authentication mode allows low-privileged authenticated users to gain operator.admin privileges by declaring operator scopes on non-Control-UI clients. The incomplete scope-clearing mechanism fails to sanitize self-declared scopes when identity-bearing authentication paths process requests, enabling attackers to bypass authorization checks and achieve full administrative access. Vendor patch available via commit 8b88b927 in version 2026.3.31; no confirmed active exploitation (not in CISA KEV) but publicly disclosed with detailed GitHub security advisory increasing attack feasibility.
Authentication Bypass
Privilege Escalation
-
CVE-2026-41399
HIGH
CVSS 8.7
Denial of service in OpenClaw (pre-2026.3.28) allows remote unauthenticated attackers to exhaust server resources by flooding the application with concurrent WebSocket upgrade requests. The vulnerability stems from lack of rate-limiting and resource budgeting before authentication, enabling attackers to monopolize socket and worker thread capacity and block legitimate WebSocket clients. No active exploitation confirmed (not in CISA KEV), but the technical barrier is low given unauthenticated network access (CVSS:4.0 AV:N/AC:L/PR:N). VulnCheck reported this vulnerability with vendor advisory available on GitHub.
Denial Of Service
-
CVE-2026-41397
HIGH
CVSS 7.6
Sandbox escape in OpenClaw file synchronization before version 2026.3.31 enables remote authenticated attackers to read and write arbitrary files outside intended boundaries via crafted symlinks during mirror sync operations. The vulnerability exploits CWE-59 (Improper Link Resolution Before File Access) with attack complexity rated High and requires low privileges, indicating targeted exploitation scenarios. Vendor patches available via GitHub commits c02ee8a and 3b9dab0, with CVSS 7.6 reflecting high confidentiality and integrity impact but no availability impact. No active exploitation or public POC identified at time of analysis beyond vendor disclosure.
Authentication Bypass
-
CVE-2026-41396
HIGH
CVSS 8.5
Local attackers can execute malicious code in OpenClaw versions before 2026.3.31 by placing crafted .env files in workspaces to override the OPENCLAW_BUNDLED_PLUGINS_DIR variable, bypassing plugin trust verification. The vulnerability enables code injection through untrusted plugins masquerading as verified components when users open compromised workspace configurations. EPSS data not available; CVSS v4.0 rates this 8.5 HIGH with local attack vector requiring user interaction. Vendor patch available via GitHub commit 330a9f98cb and release 2026.3.31.
Code Injection
-
CVE-2026-41395
HIGH
CVSS 8.2
Webhook replay attacks in OpenClaw before 2026.3.28 allow remote attackers to trigger duplicate voice-call processing by reordering query parameters in captured Plivo V3 signed webhooks. The vulnerability stems from inconsistent canonicalization: signature verification sorts query parameters before validation, but replay detection hashes the raw URL with original parameter ordering. Attackers possessing a single valid signed webhook can bypass replay cache indefinitely by permuting query string order, causing repeated execution of voice-call workflows without requiring authentication or cryptographic breaks. No public exploit identified at time of analysis, though attack complexity is low (CVSS AC:L) with network vector (AV:N) requiring no privileges (PR:N).
Authentication Bypass
-
CVE-2026-41394
HIGH
CVSS 8.8
Authentication bypass in OpenClaw allows remote unauthenticated attackers to execute privileged runtime operations intended for authorized operators. The vulnerability exists in plugin-auth HTTP routes that incorrectly grant operator-level write scopes without authentication checks. Attackers can remotely exploit this flaw with low complexity (CVSS:4.0 AV:N/AC:L/PR:N) to modify runtime configurations and perform administrative actions. Vendor-released patch available as of commit 2a1db0c (March 31, 2026). No active exploitation confirmed in CISA KEV, though EPSS data unavailable for risk calibration.
Authentication Bypass
-
CVE-2026-41390
HIGH
CVSS 7.0
Privilege escalation in OpenClaw before 2026.3.28 allows local authenticated attackers to bypass execution allowlist controls via wrapper binary persistence. When users grant trust to wrapped commands (e.g., via /usr/bin/script), OpenClaw fails to distinguish the wrapper from the underlying executable, allowing attackers to reuse the wrapper's persistent trust to execute arbitrary unauthorized programs. No active exploitation confirmed (CISA KEV: not listed), but VulnCheck has published technical advisory details. EPSS data not available.
Authentication Bypass
-
CVE-2026-41387
HIGH
CVSS 8.5
OpenClaw package manager allows supply chain attacks through incomplete environment variable sanitization before version 2026.3.22. Attackers can hijack approved package installation or execution requests by injecting environment variables that redirect package resolution to malicious infrastructure, enabling trojanized code execution with high impact to confidentiality, integrity, and availability. This requires local access and user interaction to trigger package manager operations, limiting remote exploitation but creating significant insider threat and social engineering risk vectors.
Information Disclosure
-
CVE-2026-41385
HIGH
CVSS 7.1
Plaintext private key storage in OpenClaw versions before 2026.3.31 exposes Nostr protocol signing keys through configuration retrieval methods. Authenticated attackers with network access can exploit redaction bypass in config.get methods to extract unencrypted private keys, enabling full impersonation of the compromised Nostr identity for signing and authentication operations. Vendor patch available via GitHub commit 57700d716f660591fb6e09727f3ca8041fa48b9d. EPSS and KEV data not available, but the authentication bypass tag and network attack vector indicate elevated risk for multi-tenant or shared OpenClaw deployments.
Authentication Bypass
-
CVE-2026-41384
HIGH
CVSS 8.5
Environment variable injection in OpenClaw's CLI backend runner enables local attackers to achieve arbitrary code execution or exfiltrate sensitive data by manipulating workspace configuration files. Attackers with the ability to supply malicious workspace configs can inject environment variables into backend processes during spawning, exploiting CWE-15 (external control of system or configuration setting). Vendor patch available via GitHub commit c2fb7f1. CVSS 8.5 reflects high impact across confidentiality, integrity, and availability, though exploitation requires local access and user interaction to load the malicious workspace config. No evidence of active exploitation (not in CISA KEV) or public proof-of-concept at time of analysis.
RCE
Information Disclosure
-
CVE-2026-41380
HIGH
CVSS 7.0
Execution approval bypass in OpenClaw before 2026.3.28 allows local authenticated users with standard privileges to establish overly broad executable allowlist entries through wrapper carrier exploitation. Attackers leverage positional routing in dispatch wrappers to trust carrier executables instead of their invoked targets, escalating from limited execution approval to arbitrary code execution with high confidentiality and integrity impact. Vendor-released patch version 2026.3.28 addresses the flaw (GHSA-p4x4-2r7f-wjxg). No evidence of active exploitation or public POC identified at time of analysis.
Information Disclosure
-
CVE-2026-41379
HIGH
CVSS 7.1
Privilege escalation in OpenClaw versions prior to 2026.3.28 enables authenticated operators with write permissions to modify administrator-only voice configuration settings through the chat.send endpoint. This vulnerability allows low-privileged operator accounts to manipulate sensitive Talk Voice configuration persistence, bypassing intended role-based access controls. A vendor-released patch is available via commit e34694733fc64931ed4a543c73d84ad3435d5df1. EPSS data unavailable; no CISA KEV listing or public exploit code identified at time of analysis, though the targeted nature (authenticated internal operators) suggests lower mass-exploitation risk than the CVSS 7.1 score might imply.
Authentication Bypass
Privilege Escalation
-
CVE-2026-41378
HIGH
CVSS 7.7
Remote code execution in OpenClaw gateway versions before 2026.3.31 allows attackers with trusted paired node credentials (role=node) to escalate privileges and execute arbitrary code on the gateway by abusing unrestricted agent.request dispatch functionality. The vulnerability stems from insufficient access controls on node.event agent requests, enabling low-privilege paired nodes to invoke gateway-side tools without restriction. EPSS exploitation probability and KEV status not yet available for this recently disclosed vulnerability, but a vendor patch and exploit details are publicly documented.
Authentication Bypass
Privilege Escalation
RCE
-
CVE-2026-41375
HIGH
CVSS 7.1
Authorization bypass in OpenClaw phone channel endpoints allows authenticated low-privilege users to arm or disarm phone-based alarm channels without required administrative rights. Versions prior to 2026.3.28 fail to validate operator.admin scope for /phone arm and /phone disarm API endpoints when accessed through external channels (CWE-863). Patch released via GitHub commit aa66ae1fc, with CVSS 7.1 reflecting network-accessible integrity impact requiring only low-privilege authentication. No active exploitation confirmed (not in CISA KEV); exploit development straightforward given simple API authorization flaw.
Authentication Bypass
-
CVE-2026-41371
HIGH
CVSS 8.4
Privilege escalation in OpenClaw chat.send API allows low-privileged gateway callers with write scope to execute admin-only session management operations. Attackers can forcibly reset user sessions, rotate session IDs, and archive chat transcripts without admin authorization by exploiting broken access control in the chat messaging path. This enables session hijacking and data manipulation attacks against legitimate users. Reported by VulnCheck disclosure team with vendor security advisory published; no public exploit or active exploitation confirmed at time of analysis.
Authentication Bypass
Privilege Escalation
-
CVE-2026-41370
HIGH
CVSS 7.1
Path traversal in OpenClaw's ACP dispatch mechanism allows authenticated remote attackers to read arbitrary files outside intended directories by manipulating inbound channel attachment paths. Attackers can bypass both attachment-cache and root directory security checks to access sensitive system files. Upstream fix available via GitHub commit 566fb73d9d, with versions prior to 2026.3.31 confirmed vulnerable. No CISA KEV listing at time of analysis, indicating targeted rather than widespread exploitation.
Path Traversal
-
CVE-2026-41369
HIGH
CVSS 7.1
Environment variable injection in OpenClaw (pre-2026.3.31) allows authenticated remote attackers to compromise host execution integrity by injecting malicious variables that override package managers, Docker registries, compiler paths, and TLS configurations during host exec operations. The vulnerability exhibits high confidentiality impact (CVSS:4.0 VC:H) with network attack vector and low complexity (AV:N/AC:L), requiring only low-privilege authentication (PR:L). VulnCheck disclosure indicates this affects Docker-related operations, with fixes available via GitHub commit eb8de67 and tracked under GHSA-cg7q-fg22-4g98. EPSS and KEV data not available at time of analysis.
Information Disclosure
Docker
-
CVE-2026-41368
HIGH
CVSS 7.1
Environment variable disclosure in OpenClaw jq safe-bin policy allows authenticated remote attackers to extract sensitive credentials and configuration data. The vulnerability stems from incomplete filter blocking in jq program execution - specifically, the $ENV filter can bypass safe-bin restrictions to read process environment variables. Versions prior to 2026.3.28 are affected. No CISA KEV listing or public POC identified at time of analysis, but disclosure by VulnCheck indicates vendor-confirmed issue with available patch.
Information Disclosure
-
CVE-2026-41364
HIGH
CVSS 7.2
Remote authenticated attackers can overwrite arbitrary files on OpenClaw servers by uploading malicious tar archives containing symbolic links to the SSH sandbox feature. The vulnerability allows escaping sandbox restrictions to modify critical system files, enabling potential remote code execution or denial of service. Affects OpenClaw versions before 2026.3.31. No public exploit identified at time of analysis, with EPSS data unavailable for this recent CVE.
Information Disclosure
-
CVE-2026-40978
HIGH
CVSS 8.8
SQL injection in Spring AI's CosmosDBVectorStore component (versions 1.0.0-1.0.5 and 1.1.0-1.1.4) enables authenticated remote attackers to execute arbitrary SQL queries through malicious document IDs, potentially achieving full database compromise including data exfiltration, modification, and denial of service. VMware has released patches in versions 1.0.6 and 1.1.5. CVSS score of 8.8 reflects high impact across confidentiality, integrity, and availability, though exploitation requires low-privilege authenticated access to the vector store API.
Java
SQLi
-
CVE-2026-40973
HIGH
CVSS 7.0
Local privilege escalation and session hijacking in Spring Boot allows attackers with local access to hijack authenticated sessions or execute arbitrary code by taking control of the ApplicationTemp directory. The vulnerability affects Spring Boot versions 2.7.0 through 4.0.5 when server.servlet.session.persistent is enabled, requiring attack persistence across application restarts. VMware has released patches for all supported branches (4.0.6, 3.5.14, 3.4.16, 3.3.19, 2.7.33), though unsupported versions remain vulnerable. No active exploitation confirmed at time of analysis.
Java
Information Disclosure
Red Hat
-
CVE-2026-40967
HIGH
CVSS 8.6
Filter expression injection in Spring AI 1.0.0-1.0.5 and 1.1.0-1.1.4 allows remote unauthenticated attackers to manipulate vector store queries through unescaped keys and values in FilterExpressionConverter implementations. The vulnerability enables query language injection across multiple vector database backends, potentially exposing sensitive data (CVSS:C:H) and modifying query results (CVSS:I:L). VMware has released patches in versions 1.0.6 and 1.1.5. No active exploitation confirmed (not in CISA KEV), but the network-accessible attack vector (AV:N/AC:L/PR:N) and code injection classification (CWE-94) indicate significant risk for applications processing untrusted filter expressions.
RCE
Java
Code Injection
-
CVE-2026-40551
HIGH
CVSS 8.4
Client-side authentication bypass in mpGabinet 23.12.19 and earlier allows local authenticated attackers to impersonate arbitrary users by patching the application binary. An attacker with legitimate low-privilege access to the system can manipulate the compiled application code to skip login verification entirely, gaining unauthorized access as any user including administrators. EPSS score not available for this 2026 CVE; no active exploitation or public POC confirmed at time of analysis.
Authentication Bypass
-
CVE-2026-38949
HIGH
CVSS 8.9
Stored Cross-Site Scripting in HTMLy 3.1.1 allows authenticated users with content creation privileges to inject malicious JavaScript via the image upload endpoint (/add/content?type=image), executing arbitrary code in victim browsers with scope change (S:C) indicating potential account takeover or session hijacking. Public proof-of-concept exists (YouTube demonstration and GitHub writeup), though EPSS score remains low (2%, 4th percentile) and no active exploitation has been confirmed by CISA KEV. CVSS 8.9 reflects high confidentiality and integrity impact but requires victim interaction.
XSS
RCE
N A
-
CVE-2026-38651
HIGH
CVSS 8.2
Authentication Bypass vulnerability exists in Netmaker versions prior to 1.5.0. The VerifyHostToken function in logic/jwts.go fails to validate the JWT signature when verifying host tokens. An attacker can forge a JWT signed with any arbitrary key and use it to impersonate any host in the network, g...
Authentication Bypass
Jwt Attack
-
CVE-2026-35579
HIGH
CVSS 8.2
### Summary
The gRPC, QUIC, DoH, and DoH3 transports in CoreDNS incorrectly handle TSIG authentication.
For gRPC and QUIC, CoreDNS checks whether the TSIG key name exists in the config, but does not actually verify the TSIG HMAC. If the key name matches, `tsigStatus` remains nil and the tsig plugi...
Authentication Bypass
Red Hat
Suse
-
CVE-2026-33489
HIGH
CVSS 8.2
### Summary
CoreDNS' transfer plugin can select the wrong ACL stanza when both a parent zone and a more-specific subzone are configured. A permissive parent-zone transfer rule can override a restrictive subzone rule (name-dependent), allowing an unauthorized client to perform AXFR/IXFR for the subzo...
Authentication Bypass
Suse
-
CVE-2026-33190
HIGH
CVSS 8.7
### Summary
CoreDNS' tsig plugin can be bypassed on non-plain-DNS transports because it trusts the transport writer's TsigStatus() instead of performing verification itself. In the attached PoC, plain DNS/TCP correctly rejects an invalid TSIG (NOTAUTH), while the same invalid-TSIG request is accepte...
Authentication Bypass
-
CVE-2026-32936
HIGH
CVSS 8.7
### Summary
CoreDNS's DNS-over-HTTPS (DoH) GET path accepts oversized `dns=` query values and performs substantial request parsing, query unescaping, base64 decoding, and message unpacking work before returning `400 Bad Request`.
A remote, unauthenticated attacker can repeatedly send oversized DoH...
Denial Of Service
Python
OpenSSL
Suse
-
CVE-2026-32934
HIGH
CVSS 8.7
### Summary
CoreDNS' DNS-over-QUIC (DoQ) server can be driven into large goroutine and memory growth by a remote client that opens many QUIC streams and stalls after sending only 1 byte. Even with a small configured quic { worker_pool_size ... }, CoreDNS still spawns a goroutine per accepted stream ...
Denial Of Service
Suse
-
CVE-2026-24222
HIGH
CVSS 8.6
Remote unauthenticated attackers can exfiltrate sensitive host environment variables from NVIDIA NeMoClaw by injecting malicious prompts that bypass sandbox access controls. The vulnerability affects the sandbox initialization component and enables information disclosure without requiring any authentication or user interaction (CVSS 8.6, AV:N/AC:L/PR:N/UI:N). Cross-scope impact (S:C) indicates the attack breaks out of the intended sandbox boundary to access host-level secrets. EPSS and KEV status not available; this appears to be a recently disclosed AI/LLM agent security issue.
Information Disclosure
Nvidia
-
CVE-2026-24186
HIGH
CVSS 8.8
Remote code execution in NVIDIA FLARE SDK allows authenticated attackers to execute arbitrary code by sending maliciously crafted FOBS-encoded messages that exploit unsafe deserialization in the FOBS component. The vulnerability affects federated learning deployments where NVIDIA FLARE SDK processes messages from low-privileged authenticated users, enabling complete system compromise with high impact to confidentiality, integrity, and availability. No active exploitation confirmed (not in CISA KEV) and public exploit status unknown at time of analysis.
RCE
Deserialization
Nvidia
-
CVE-2026-7363
HIGH
CVSS 8.8
Use after free in Canvas in Google Chrome on Linux, ChromeOS prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical)
RCE
Denial Of Service
Google
Use After Free
Memory Corruption
-
CVE-2026-7361
HIGH
CVSS 8.8
Use after free in iOS in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
Denial Of Service
Google
Use After Free
Memory Corruption
Apple
-
CVE-2026-7359
HIGH
CVSS 8.8
Use after free in ANGLE in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Denial Of Service
Google
Use After Free
Memory Corruption
Red Hat
-
CVE-2026-7358
HIGH
CVSS 8.8
Use after free in Animation in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
RCE
Denial Of Service
Google
Use After Free
Memory Corruption
-
CVE-2026-7357
HIGH
CVSS 7.5
Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Denial Of Service
Google
Use After Free
Memory Corruption
Red Hat
-
CVE-2026-7356
HIGH
CVSS 8.8
Use after free in Navigation in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
RCE
Denial Of Service
Google
Use After Free
Memory Corruption
-
CVE-2026-7355
HIGH
CVSS 8.8
Use after free in Media in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
RCE
Denial Of Service
Google
Use After Free
Memory Corruption
-
CVE-2026-7354
HIGH
CVSS 8.8
Out of bounds read and write in Angle in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Buffer Overflow
Information Disclosure
Google
Red Hat
Suse
-
CVE-2026-7353
HIGH
CVSS 8.3
Heap buffer overflow in Skia in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Buffer Overflow
Google
Heap Overflow
Red Hat
Suse
-
CVE-2026-7352
HIGH
CVSS 8.3
Use after free in Media in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Denial Of Service
Google
Use After Free
Memory Corruption
Red Hat
-
CVE-2026-7350
HIGH
CVSS 8.3
Use after free in WebMIDI in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Denial Of Service
Google
Use After Free
Memory Corruption
Red Hat
-
CVE-2026-7349
HIGH
CVSS 7.5
Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via malicious network traffic. (Chromium security severity: High)
RCE
Denial Of Service
Google
Use After Free
Memory Corruption
-
CVE-2026-7348
HIGH
CVSS 8.8
Use after free in Codecs in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
RCE
Denial Of Service
Google
Use After Free
Memory Corruption
-
CVE-2026-7347
HIGH
CVSS 8.1
Use after free in Chromoting in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: High)
RCE
Denial Of Service
Google
Use After Free
Memory Corruption
-
CVE-2026-7346
HIGH
CVSS 8.1
Inappropriate implementation in Tint in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
Buffer Overflow
Google
Red Hat
Suse
-
CVE-2026-7345
HIGH
CVSS 8.3
Insufficient validation of untrusted input in Feedback in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Information Disclosure
Google
Red Hat
Suse
-
CVE-2026-7344
HIGH
CVSS 8.8
Use after free in Accessibility in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
Denial Of Service
Google
Use After Free
Memory Corruption
Microsoft
-
CVE-2026-7343
HIGH
CVSS 7.5
Use after free in Views in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
Denial Of Service
Google
Use After Free
Memory Corruption
Microsoft
-
CVE-2026-7342
HIGH
CVSS 8.8
Use after free in WebView in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
RCE
Denial Of Service
Google
Use After Free
Memory Corruption
-
CVE-2026-7341
HIGH
CVSS 8.8
Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
RCE
Denial Of Service
Google
Use After Free
Memory Corruption
-
CVE-2026-7339
HIGH
CVSS 8.8
Heap buffer overflow in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Buffer Overflow
Google
Heap Overflow
Red Hat
Suse
-
CVE-2026-7338
HIGH
CVSS 7.5
Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: High)
Denial Of Service
Google
Use After Free
Memory Corruption
Red Hat
-
CVE-2026-7337
HIGH
CVSS 8.8
Type Confusion in V8 in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
RCE
Google
Memory Corruption
Red Hat
Suse
-
CVE-2026-7336
HIGH
CVSS 8.8
Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
RCE
Denial Of Service
Google
Use After Free
Memory Corruption
-
CVE-2026-7335
HIGH
CVSS 8.8
Use after free in media in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
RCE
Denial Of Service
Google
Use After Free
Memory Corruption
-
CVE-2026-7334
HIGH
CVSS 8.8
Use after free in Views in Google Chrome on Mac prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Denial Of Service
Google
Use After Free
Memory Corruption
Red Hat
-
CVE-2026-7324
HIGH
CVSS 7.3
Multiple memory corruption vulnerabilities in Firefox 150.0.0 and Thunderbird 150.0.0 enable remote code execution through memory safety bugs. Mozilla's security advisory confirms these flaws could allow arbitrary code execution with sufficient exploit development. No active exploitation confirmed at time of analysis, but SSVC framework rates this as automatable with partial technical impact. Vendor-released patch available in Firefox 150.0.1.
RCE
Buffer Overflow
Red Hat
Mozilla
Suse
-
CVE-2026-7323
HIGH
CVSS 7.3
Memory safety bugs present in Firefox ESR 140.10.0, Thunderbird ESR 140.10.0, Firefox 150.0.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was ...
RCE
Buffer Overflow
Memory Corruption
Red Hat
Mozilla
-
CVE-2026-7322
HIGH
CVSS 7.3
Memory safety bugs present in Firefox ESR 115.35.0, Firefox ESR 140.10.0, Thunderbird ESR 140.10.0, Firefox 150.0.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. T...
RCE
Buffer Overflow
Red Hat
Mozilla
Suse
-
CVE-2026-7320
HIGH
CVSS 7.5
Information disclosure in Mozilla Firefox, Firefox ESR 140, and Firefox ESR 115 allows remote unauthenticated attackers to extract sensitive data via incorrect boundary conditions in the Audio/Video component. The vulnerability permits network-based exploitation with low complexity and no user interaction (CVSS:3.1/AV:N/AC:L/PR:N/UI:N), enabling unauthorized access to high-confidentiality information. Mozilla released patches in Firefox 150.0.1, Firefox ESR 140.10.1, and Firefox ESR 115.35.1 (confirmed by vendor advisories MFSA2026-35/36/37). SSVC indicates automatable exploitation with partial technical impact, though no public exploit or active exploitation is identified at time of analysis.
Buffer Overflow
Information Disclosure
Red Hat
Mozilla
Suse
-
CVE-2026-7289
HIGH
CVSS 7.4
Remote authenticated attackers can execute arbitrary code on D-Link DIR-825M routers (firmware 1.1.12) by sending specially crafted requests to the /boafrm/formWanConfigSetup endpoint with malicious submit-url parameters, triggering a buffer overflow in function sub_414BA8. Public proof-of-concept exploit code exists on GitHub (Kiciot/cve#3), significantly lowering exploitation barriers. While requiring authentication (PR:L), the network attack vector (AV:N) and low complexity (AC:L) enable remote compromise of affected devices with potential for complete device control (VC:H/VI:H/VA:H). No CISA KEV listing or EPSS data available at time of analysis.
Buffer Overflow
D-Link
-
CVE-2026-7288
HIGH
CVSS 7.4
Buffer overflow in D-Link DIR-825M 1.1.12 router allows authenticated remote attackers to achieve high-severity code execution via crafted submit-url parameter in VPN configuration interface. Public exploit code exists (CVSS 4.0 E:P) with technical details disclosed on GitHub, enabling remote compromise of router administrative functions by low-privileged authenticated users. CVSS 7.4 HIGH severity with network attack vector and low complexity indicates significant risk for internet-facing devices with default or weak credentials.
Buffer Overflow
D-Link
-
CVE-2026-7280
HIGH
CVSS 8.4
Unquoted service path vulnerability in AVACAST by eMPIA Technology enables local privilege escalation from high-privileged user to SYSTEM. Attackers with administrative access can plant malicious executables in unquoted paths, achieving arbitrary code execution with system-level privileges upon service restart. Taiwan CERT (TWCERT) published advisories confirming the vulnerability. No public exploit code identified at time of analysis, and exploitation requires existing administrative privileges, limiting practical risk to environments where privileged user compromise is a concern.
RCE
-
CVE-2026-7279
HIGH
CVSS 8.5
Local privilege escalation in eMPIA Technology AVACAST allows authenticated local users to execute arbitrary code with SYSTEM privileges by placing a malicious DLL in a specific directory exploited during application startup. This DLL hijacking vulnerability (CWE-427) requires low-complexity exploitation with no user interaction once local access is obtained. Taiwan's TWCERT issued advisories on this vulnerability, indicating regional awareness though no CISA KEV listing or public exploit code has been identified at time of analysis.
RCE
-
CVE-2026-7248
HIGH
CVSS 8.9
Remote code execution in D-Link DI-8100 router firmware 16.07.26A1 allows unauthenticated attackers to compromise the device via buffer overflow in the CGI endpoint. The vulnerability resides in the tgfile.htm CGI handler where inadequate input validation of the 'fn' parameter enables attackers to overflow a stack or heap buffer. Public exploit code is available on GitHub, significantly lowering the barrier to exploitation against internet-exposed devices. CVSS 8.9 (Critical) with network vector, low complexity, and no privileges required indicates high real-world risk for exposed D-Link DI-8100 routers.
Buffer Overflow
D-Link
-
CVE-2026-7247
HIGH
CVSS 7.3
Buffer overflow in D-Link DI-8100 router firmware 16.07.26A1 allows authenticated administrators to execute arbitrary code remotely via crafted file extension names. The vulnerability affects the file_exten.asp File Extension Handler component, with a publicly available exploit (E:P in CVSS vector). While requiring high-privilege access (PR:H), successful exploitation grants complete system control (VC:H/VI:H/VA:H), and the attack complexity is low (AC:L). No CISA KEV listing indicates targeted rather than widespread exploitation despite public POC availability.
Buffer Overflow
D-Link
-
CVE-2026-7244
HIGH
CVSS 8.9
Remote unauthenticated command injection in Totolink A8000RU 7.1cu.643_b20200521 allows complete device compromise via crafted requests to the WiFi Guest Configuration CGI handler. Attackers can inject arbitrary OS commands through the 'merge' parameter in setWiFiEasyGuestCfg function at /cgi-bin/cstecgi.cgi, achieving full system control without authentication. Public exploit code exists (confirmed by CVSS E:P and GitHub POC reference), significantly lowering the barrier to exploitation. EPSS data not available, but the combination of network attack vector, no authentication requirement, low complexity, and publicly available exploit indicates elevated real-world risk for internet-facing devices.
Command Injection
-
CVE-2026-7243
HIGH
CVSS 8.9
Remote unauthenticated command injection in Totolink A8000RU 7.1cu.643_b20200521 allows attackers to execute arbitrary OS commands via the maxRtrAdvInterval parameter in the setRadvdCfg function of /cgi-bin/cstecgi.cgi. Public exploit code exists per VulDB submission, enabling immediate weaponization against exposed devices. CVSS 8.9 reflects network accessibility, no authentication requirement, and high impact across confidentiality, integrity, and availability; attack complexity is low with no user interaction needed, making this a critical priority for internet-facing Totolink routers.
Command Injection
-
CVE-2026-7242
HIGH
CVSS 8.9
OS command injection in Totolink A8000RU router firmware 7.1cu.643_b20200521 allows unauthenticated remote attackers to execute arbitrary system commands via the setOpenVpnClientCfg function in /cgi-bin/cstecgi.cgi by manipulating the 'enabled' parameter. Public exploit code exists (disclosed on GitHub), significantly lowering the barrier to exploitation. CVSS 8.9 reflects the complete compromise potential (confidentiality, integrity, availability) without requiring authentication or user interaction, making this a critical exposure for deployed devices.
Command Injection
-
CVE-2026-7241
HIGH
CVSS 8.9
Remote command injection in Totolink A8000RU firmware 7.1cu.643_b20200521 allows unauthenticated attackers to execute arbitrary OS commands via the wifiOff parameter in setWiFiBasicCfg function. The vulnerability has a publicly available exploit (PoC on GitHub) and achieves full system compromise with network-accessible attack vector requiring no authentication or user interaction. EPSS data not available, but CVSS 8.9 (Critical) with exploitability confirmed (E:P) indicates immediate patching priority for exposed devices.
Command Injection
-
CVE-2026-7240
HIGH
CVSS 8.9
OS command injection in Totolink A8000RU firmware 7.1cu.643_b20200521 allows remote unauthenticated attackers to execute arbitrary system commands via the User parameter in the setVpnAccountCfg function of /cgi-bin/cstecgi.cgi. Publicly available exploit code exists (GitHub POC), enabling immediate weaponization. CVSS 8.9 with full impact on confidentiality, integrity, and availability. EPSS data unavailable; not currently in CISA KEV, but the combination of network accessibility, no authentication requirement, and public exploit makes this a critical risk for internet-facing devices.
Command Injection
-
CVE-2026-7219
HIGH
CVSS 7.3
Buffer overflow in Totolink N300RT router firmware 3.4.0-B20250430 allows authenticated remote attackers with high-privilege administrative access to execute arbitrary code via crafted input to the entry_name parameter in /boafrm/formIpQoS. Public exploit code is available on GitHub demonstrating the vulnerability. EPSS data not provided, but the requirement for high-privilege authentication significantly limits real-world exploitation surface to scenarios where administrative credentials are already compromised.
Buffer Overflow
-
CVE-2026-7218
HIGH
CVSS 7.3
Buffer overflow in Totolink N300RT 3.4.0-B20250430 enables authenticated remote code execution via the WPS configuration handler. An attacker with administrative credentials (PR:H) can send a crafted localPin parameter to /boafrm/formWsc, overflowing a buffer in the is_cmd_string_valid function (libapmib.so) to execute arbitrary code with full system access (VC:H/VI:H/VA:H). Public proof-of-concept exploit code exists on GitHub (xiaohaiyang-ai/TOTOLINK-N300RT-Buffer-Overflow), increasing weaponization risk despite requiring privileged access. EPSS data not available; the absence of a CISA KEV listing indicates that in-the-wild exploitation is not yet widespread.
Buffer Overflow
-
CVE-2026-7204
HIGH
CVSS 8.9
Remote command injection in Totolink A8000RU router firmware 7.1cu.643_b20200521 allows unauthenticated attackers to execute arbitrary OS commands via the 'enable' parameter in setPptpServerCfg function of /cgi-bin/cstecgi.cgi. Public exploit code exists (GitHub POC available), enabling trivial remote compromise without authentication or user interaction. CVSS v4.0 score of 8.9 reflects maximum impact on confidentiality, integrity, and availability. No EPSS data or CISA KEV status available, but publicly documented POC substantially lowers exploitation barrier for this home/small office router platform.
Command Injection
-
CVE-2026-7203
HIGH
CVSS 8.9
Remote command injection in Totolink A8000RU router firmware 7.1cu.643_b20200521 allows unauthenticated attackers to execute arbitrary OS commands with router privileges via the setUrlFilterRules CGI function. Public exploit code exists (CVSS:4.0 E:P indicator), significantly increasing exploitation risk. EPSS data unavailable, but network-accessible command injection with public POC represents critical risk for internet-exposed devices.
Command Injection
-
CVE-2026-7202
HIGH
CVSS 8.9
OS command injection in Totolink A8000RU router firmware version 7.1cu.643_b20200521 allows remote unauthenticated attackers to execute arbitrary system commands with root privileges via the wscDisabled parameter in the setWiFiWpsStart function of /cgi-bin/cstecgi.cgi. Public exploit code exists (VulDB #359802), enabling trivial weaponization. EPSS score unavailable; CVSS 8.9 reflects network-based unauthenticated attack with complete device compromise. No CISA KEV listing at time of analysis, suggesting targeted rather than mass exploitation.
Command Injection
-
CVE-2026-5781
HIGH
CVSS 8.5
Privilege escalation in MphRx Minerva V3.6.0 allows authenticated users with user modification privileges to gain administrator access by manipulating the 'identifier' field in direct HTTP requests to the '/minerva/moUser/update' endpoint. While the vulnerability requires existing low-level authenticated access and cannot be exploited through the graphical interface, the CVSS v4.0 score of 8.5 reflects high impact across confidentiality, integrity, and availability in the subsequent system context (SC:H/SI:H/SA:H). No public exploit identified at time of analysis, with EPSS data unavailable for this recent CVE.
Authentication Bypass
-
CVE-2026-5780
HIGH
CVSS 8.5
Insecure direct object reference in MphRx Minerva V3.6.0 allows authenticated attackers to enumerate and exfiltrate sensitive user data across the entire application by manipulating user IDs in the '/minerva/moUser/show/' endpoint. The CVSS 4.0 score of 8.5 reflects high confidentiality impact to both vulnerable (VC:H) and subsequent (SC:H) systems, with subsequent high integrity (SI:H) and availability (SA:H) impacts indicating potential for lateral movement or privilege escalation after initial data disclosure. Coordinated disclosure by INCIBE-CERT suggests vendor notification occurred, though no public exploit code is currently identified and EPSS/KEV data are unavailable for this 2026 CVE.
Authentication Bypass
-
CVE-2026-5435
HIGH
CVSS 7.3
Out-of-bounds write in GNU C Library 2.2+ allows remote unauthenticated attackers to corrupt memory and potentially execute arbitrary code through specially crafted TSIG DNS records processed by deprecated ns_printrrf, ns_printrr, or fp_nquery functions. While these functions are deprecated, any application still using them for DNS record printing remains vulnerable to network-based attacks with low complexity and no authentication barriers. No public exploit identified at time of analysis, but the deprecated status suggests limited real-world exposure despite the network attack vector.
Buffer Overflow
Memory Corruption
Red Hat
Suse
-
CVE-2026-3323
HIGH
CVSS 7.5
Remote unauthenticated access to sensitive data in VEGA VEGAPULS 6X Two-Wire industrial sensors exposes hashed credentials and access codes via an unsecured configuration interface. The network-accessible interface (AV:N/AC:L/PR:N/UI:N) allows attackers to extract authentication materials without any prerequisites, enabling credential cracking and potential lateral movement in industrial networks. EPSS and KEV data not available; a CERTVDE advisory confirms the vulnerability in Ethernet-APL enabled industrial level measurement devices running PROFINET, Modbus TCP, and OPC UA protocols. No public exploit identified at time of analysis, though exploitation is trivial given the lack of an authentication requirement.
Authentication Bypass
-
CVE-2026-1460
HIGH
CVSS 7.2
Command injection in Zyxel DX3301-T0 and EX3301-T0 routers allows authenticated administrators to execute arbitrary OS commands by injecting malicious input into the DomainName parameter of DHCP configuration. Affects firmware versions through 5.50(ABVY.7.1)C0. Vendor Zyxel has published a security advisory with remediation guidance. EPSS data not available; no public exploit identified at time of analysis. While CVSS score is 7.2 (High), practical risk is constrained by requirement for admin-level authentication, limiting exposure to credential compromise or malicious insider scenarios.
Command Injection
Zyxel
-
CVE-2025-67223
HIGH
CVSS 7.5
Unauthenticated remote attackers can access sensitive documents containing personally identifiable information (PII) in Aranda Service Desk versions prior to 8.3.12 by exploiting predictable log file names in the Aranda File Server (AFS) component. Attackers retrieve daily activity logs from a publicly accessible directory to obtain direct virtual paths of uploaded files, then bypass access controls to download the documents. CISA SSVC framework confirms proof-of-concept code exists and the vulnerability is fully automatable, significantly lowering the barrier to exploitation despite no confirmed active exploitation at time of analysis.
Information Disclosure
-
CVE-2025-48431
HIGH
CVSS 7.5
Remote unauthenticated denial of service in Apache Thrift c_glib language bindings (versions before 0.23.0) allows attackers to crash Thrift servers via specially crafted requests triggering 'free(): invalid pointer' fatal errors. CVSS 7.5 (HIGH) with network vector and low complexity. EPSS score is only 0.02% (4th percentile), indicating very low real-world exploitation probability despite theoretical severity. No active exploitation confirmed (not in CISA KEV); no public POC identified at time of analysis. Vendor-released patch: Apache Thrift 0.23.0.
Denial Of Service
Apache
-
CVE-2026-42510
MEDIUM
CVSS 6.6
OpenStack Ironic through version 25.0.0 allows execution of arbitrary ipmitool commands when a non-default console interface is configured, enabling authenticated administrators to disclose sensitive information or modify system state. The vulnerability requires high privileges and deliberate configuration of a console interface, reducing real-world exposure but creating significant risk in environments where administrative trust boundaries are compromised.
Information Disclosure
-
CVE-2026-42430
MEDIUM
CVSS 4.8
OpenClaw before 2026.4.8 contains a server-side request forgery vulnerability in Playwright redirect handling that allows attackers to bypass strict SSRF checks. Attackers can exploit request-time navigation to reach private targets that should be restricted by browser SSRF protections.
SSRF
-
CVE-2026-42429
MEDIUM
CVSS 6.0
OpenClaw before 2026.4.8 contains a privilege escalation vulnerability in the gateway plugin HTTP authentication mechanism that widens identity-bearing operator.read requests into runtime operator.write permissions. Attackers can exploit this by sending read-scoped requests through the gateway auth ...
Authentication Bypass
Privilege Escalation
-
CVE-2026-42427
MEDIUM
CVSS 5.8
OpenClaw before 2026.4.8 contains a remote code execution vulnerability caused by missing environment variable denylist entries for HGRCPATH, CARGO_BUILD_RUSTC_WRAPPER, RUSTC_WRAPPER, and MAKEFLAGS. Attackers can inject malicious build tool environment variables to influence host exec commands and a...
RCE
-
CVE-2026-42424
MEDIUM
CVSS 5.9
OpenClaw before 2026.4.8 treats shared reply MEDIA paths as trusted, allowing crafted references to trigger cross-channel local file exfiltration. Attackers can exploit this by crafting malicious shared reply MEDIA references to cause another channel to read local file paths as trusted generated med...
Information Disclosure
-
CVE-2026-42420
MEDIUM
CVSS 5.3
OpenClaw before 2026.4.8 contains improper input validation in base64 decode paths that allocate memory before enforcing decoded-size limits. Attackers can exploit multiple code paths to cause memory exhaustion or denial of service through crafted base64-encoded input.
Denial Of Service
-
CVE-2026-41915
MEDIUM
CVSS 5.8
OpenClaw before 2026.4.8 fails to remove git plumbing environment variables from the execution environment before host exec operations. Attackers can exploit this by setting GIT_DIR and related variables to redirect git operations and compromise repository integrity.
Information Disclosure
-
CVE-2026-41914
MEDIUM
CVSS 5.1
OpenClaw before 2026.4.8 contains a server-side request forgery vulnerability in QQ Bot media download paths that bypass SSRF protection. Attackers can exploit unprotected media fetch endpoints to access internal resources and bypass allowlist policies.
SSRF
-
CVE-2026-41913
MEDIUM
CVSS 6.3
OpenClaw before 2026.4.4 contains a race condition vulnerability in shared-secret authentication that allows concurrent asynchronous requests to bypass the per-key rate-limit budget. Attackers can exploit this by sending multiple simultaneous authentication attempts to circumvent intended rate-limit...
Authentication Bypass
Race Condition
-
CVE-2026-41912
MEDIUM
CVSS 4.8
OpenClaw before 2026.4.8 contains a server-side request forgery policy bypass vulnerability allowing attackers to trigger navigations bypassing normal SSRF checks. Attackers can exploit browser interactions to bypass SSRF protections and access restricted resources.
SSRF
-
CVE-2026-41911
MEDIUM
CVSS 6.0
OpenClaw before 2026.4.8 contains a filesystem policy bypass vulnerability in docx upload processing that allows local file reads outside workspace boundaries. Attackers can exploit upload_file and upload_image endpoints to access files beyond the intended workspace-only filesystem policy.
Path Traversal
-
CVE-2026-41607
MEDIUM
CVSS 6.5
Out-of-bounds read in Apache Thrift C++ JSON deserialization allows remote attackers to leak sensitive information and trigger denial of service via malformed JSON payloads. Affects Apache Thrift versions prior to 0.23.0. The vulnerability has low exploitation probability (EPSS 0.02%) and is not currently listed in CISA KEV, suggesting limited real-world weaponization despite network-accessible attack vector.
Buffer Overflow
Apache
Information Disclosure
Node.js
Red Hat
-
CVE-2026-41606
MEDIUM
CVSS 5.3
Stack overflow in Apache Thrift c_glib dispatch mechanism allows remote attackers to trigger denial of service via crafted network requests. The vulnerability affects Apache Thrift versions prior to 0.23.0 and requires no authentication or user interaction, resulting in application crashes or service unavailability. Patch is available from the vendor.
Denial Of Service
Apache
Node.js
Red Hat
Suse
-
CVE-2026-41526
MEDIUM
CVSS 6.5
KDE KCoreAddons before version 6.25 contains an improper neutralization of special elements vulnerability in the KShell::quoteArgs() function that fails to safely escape metacharacters and control characters, allowing local attackers with user interaction to inject arbitrary shell commands or terminal control sequences when user input is passed to shell execution contexts. Applications using this method to quote arguments for security-critical operations are affected; exploitation requires local access and user interaction but can achieve arbitrary code execution with user privileges.
Code Injection
Suse
-
CVE-2026-41525
MEDIUM
CVSS 6.5
KDE Dolphin before 25.12.3 allows sandboxed applications (running under Flatpak or AppArmor confinement) to bypass sandbox restrictions and open arbitrary files outside their containment boundary through the FileManager1 D-Bus protocol implementation. An attacker controlling a sandboxed application can exploit this to access sensitive files or execute scripts with user interaction, circumventing the intended isolation model.
Information Disclosure
-
CVE-2026-41407
MEDIUM
CVSS 6.3
OpenClaw before version 2026.4.2 leaks shared-secret length information through timing side-channel attacks in cryptographic comparison operations. The vulnerability stems from early length-mismatch checks in shared-secret comparison routines that violate constant-time security requirements, allowing remote attackers to measure timing differences and infer secret lengths without authentication. This weakens the cryptographic guarantees of the library's shared-secret handling.
Information Disclosure
-
CVE-2026-41403
MEDIUM
CVSS 6.3
OpenClaw before version 2026.3.31 misclassifies proxied remote requests as loopback connections in the diffs viewer, allowing attackers to bypass the allowRemoteViewer access control restriction. Unauthenticated remote attackers can exploit this authentication bypass by sending specially crafted proxied requests that are incorrectly identified as local traffic, gaining unauthorized access to the diffs viewer functionality. The vulnerability requires network access and specific timing/proximity conditions (per CVSS AT:P vector), but once exploited results in confidentiality impact through unauthorized information disclosure.
Authentication Bypass
-
CVE-2026-41400
MEDIUM
CVSS 6.9
OpenClaw before version 2026.3.31 fails to properly validate WebSocket frame sizes in its voice-call component before processing, allowing remote unauthenticated attackers to send oversized frames that trigger excessive resource consumption and denial of service. This vulnerability represents an incomplete remediation of CVE-2026-32062, demonstrating that the original fix did not address the root validation sequencing issue.
Denial Of Service
-
CVE-2026-41393
MEDIUM
CVSS 5.9
OpenClaw before version 2026.3.31 accepts arbitrary tailnet peers as DNS authorities due to improper validation in its wide-area discovery mechanism, enabling attackers positioned within the same tailnet with CA-trusted endpoint access to manipulate DNS resolution and exfiltrate operator credentials. The vulnerability requires adjacent network access, high attack complexity, and user interaction, but results in high confidentiality impact through credential theft. No active exploitation has been publicly confirmed at the time of analysis.
Information Disclosure
-
CVE-2026-41392
MEDIUM
CVSS 5.4
OpenClaw before version 2026.3.31 allows local authenticated users with user interaction to bypass exec allowlist restrictions via shell initialization file options (--rcfile, --init-file, --startup-file), enabling them to load attacker-controlled initialization files and achieve high-impact unauthorized access to confined resources. Exploitation requires local access, low privileges, user interaction, and specific timing conditions, but bypasses a critical security control intended to restrict executable trust.
Authentication Bypass
-
CVE-2026-41391
MEDIUM
CVSS 5.8
OpenClaw before version 2026.3.31 allows local authenticated attackers to redirect Python package-index traffic by injecting malicious URLs through unsanitized PIP_INDEX_URL and UV_INDEX_URL environment variables, enabling interception or manipulation of package management operations. The vulnerability requires local access and authentication but can result in high integrity impact through compromised package delivery. No active exploitation has been publicly confirmed, but the attack surface is direct and the remediation is straightforward.
Authentication Bypass
Python
-
CVE-2026-41388
MEDIUM
CVSS 6.3
OpenClaw before version 2026.3.31 allows remote attackers to bypass configuration revocation controls by restarting the application, which rehydrates revoked Tlon configuration settings from disk state due to improper handling of empty-array settings during startup migration. An attacker with network access and the ability to trigger application restarts can restore previously revoked authentication or authorization configurations without explicit re-enablement, potentially compromising intended security controls.
Authentication Bypass
-
CVE-2026-41383
MEDIUM
CVSS 6.1
OpenClaw before version 2026.4.2 allows authenticated attackers to delete arbitrary remote directories during mirror mode synchronization operations by manipulating remoteWorkspaceDir and remoteAgentWorkspaceDir configuration values. An attacker with login credentials can craft malicious OpenShell config paths that cause the mirror sync function to delete unintended remote directory contents before replacing them with uploaded workspace data, resulting in data loss and potential service disruption.
Path Traversal
-
CVE-2026-41377
MEDIUM
CVSS 5.1
OpenClaw before version 2026.3.31 fails to block plugin installation when security scans detect threats, allowing authenticated users to install malicious plugins by ignoring visible scan warnings. The vulnerability requires user interaction (UI:P) and authenticated access (PR:L), but enables installation of untrusted code with moderate integrity impact when exploited.
Information Disclosure
-
CVE-2026-41374
MEDIUM
CVSS 6.9
OpenClaw before version 2026.3.31 performs Discord audio preflight transcription without validating member authorization, allowing unauthenticated remote attackers to trigger resource-intensive audio processing and cause denial of service through resource exhaustion.
Denial Of Service
-
CVE-2026-41373
MEDIUM
CVSS 5.8
OpenClaw before 2026.3.31 allows authenticated users with approved host-exec requests to execute arbitrary code during build processes by overriding compiler binary environment variables (CC, CXX, CARGO_BUILD_RUSTC, CMAKE_C_COMPILER) through an incomplete host-env-security-policy.json configuration. The vulnerability requires local access and prior authentication to an OpenClaw instance, but enables full code execution with inherited privileges during compilation. No public exploit code has been identified at time of analysis.
RCE
-
CVE-2026-41372
MEDIUM
CVSS 6.9
OpenClaw before version 2026.4.2 fails to normalize trailing-dot localhost hostnames in Chrome DevTools Protocol (CDP) discovery responses, allowing attackers to bypass loopback address protections. An unauthenticated remote attacker can craft malicious CDP discovery responses that return 'localhost.' (with trailing dot) instead of the standard 'localhost', causing the browser control mechanism to treat it as a different hostname and redirect authenticated browser sessions to attacker-controlled endpoints, potentially exposing sensitive browser state and authentication tokens.
Authentication Bypass
-
CVE-2026-41367
MEDIUM
CVSS 5.3
OpenClaw versions 2026.2.14 through 2026.3.24 fail to enforce guild and channel policy gates on Discord button and component interactions, allowing authenticated users to trigger privileged component actions from contexts where those actions should be blocked. The vulnerability bypasses channel policy enforcement via policy gate inconsistency, enabling privilege escalation within Discord servers where OpenClaw is deployed.
Authentication Bypass
-
CVE-2026-41366
MEDIUM
CVSS 6.0
OpenClaw before version 2026.3.31 allows authenticated attackers to read arbitrary host files through improper validation in the appendLocalMediaParentRoots function, enabling exfiltration of credentials and sensitive data. The vulnerability permits model-initiated file access by exploiting a self-whitelisting mechanism that fails to properly validate media parent directory paths. Authentication is required, but the flaw affects confidentiality with a CVSS score of 6.0.
Information Disclosure
-
CVE-2026-41365
MEDIUM
CVSS 5.3
OpenClaw before version 2026.3.31 allows authenticated remote attackers to bypass sender allowlist filters when retrieving MS Teams thread history via Microsoft Graph API, enabling access to messages that should be restricted by security policies. The vulnerability affects organizations using OpenClaw's Teams integration and has been patched as of the specified version.
Authentication Bypass
-
CVE-2026-41363
MEDIUM
CVSS 6.0
OpenClaw versions 2026.2.6 through 2026.3.24 allow authenticated remote attackers to read arbitrary files outside configured sandbox boundaries via path traversal in the Feishu extension's resolveUploadInput function during upload_image operations. The vulnerability bypasses file-system sandbox restrictions through improper path resolution, enabling confidentiality compromise of sensitive data accessible to the application process.
Path Traversal
-
CVE-2026-41310
MEDIUM
CVSS 5.3
OpenTelemetry's Zipkin exporter for .NET allows unauthenticated remote attackers to trigger denial of service by sending spans with high-cardinality remote endpoint attributes, causing unbounded memory growth in the remote endpoint cache and eventual process degradation. CVSS 5.3 (network-accessible, low complexity). Patch available from vendor; no active exploitation identified.
Denial Of Service
-
CVE-2026-40980
MEDIUM
CVSS 6.5
Spring AI versions 1.0.0-1.0.5 and 1.1.0-1.1.4 are vulnerable to denial of service through uncontrolled resource consumption when processing maliciously crafted PDF files via the ForkPDFLayoutTextStripper component. Authenticated remote attackers can exhaust server memory and crash affected applications by uploading or processing specially designed PDFs. Vendor-released patches address the issue in versions 1.0.6 and 1.1.5.
Denial Of Service
Java
-
CVE-2026-40979
MEDIUM
CVSS 6.1
Spring AI versions 1.0.0-1.0.5 and 1.1.0-1.1.4 expose ONNX machine learning models to unauthorized disclosure when the application runs in shared hosting environments, allowing local users with limited system access to read sensitive model files and potentially reverse-engineer proprietary ML logic. The vulnerability stems from insecure temporary file handling (CWE-377) that fails to restrict file permissions on extracted model artifacts. Authentication requirements are minimal (only local system access is needed), making this a significant risk in multi-tenant cloud platforms and shared servers.
Java
Information Disclosure
-
CVE-2026-40977
MEDIUM
CVSS 4.7
Spring Boot applications configured with ApplicationPidFileWriter are vulnerable to local file corruption when a high-privilege user can write to the PID file directory. An attacker with high privileges and write access to the PID file location can corrupt arbitrary files each time the application restarts, achieving denial of service or data integrity violations. Exploitation requires local access and elevated privileges, limiting real-world impact to co-resident or insider threat scenarios. No active exploitation has been publicly reported.
Java
Information Disclosure
Red Hat
-
CVE-2026-40975
MEDIUM
CVSS 4.8
Spring Boot applications using ${random.value} for secrets generation produce cryptographically weak values unsuitable for authentication, encryption keys, or other sensitive purposes. Affected versions 2.7.0 through 4.0.5 generate predictable random values when relying on the random value property source; attackers can enumerate or predict these values to compromise confidentiality and integrity of secrets. The vulnerability does not affect ${random.uuid}, which uses a cryptographically secure implementation. Patches are available for all supported and unsupported versions.
Java
Information Disclosure
Red Hat
-
CVE-2026-40974
MEDIUM
CVSS 5.0
Spring Boot's Cassandra auto-configuration fails to verify hostnames during SSL/TLS connection establishment to Cassandra servers, enabling man-in-the-middle attackers on the local network to intercept credentials and data by presenting a valid certificate for any domain. Affects Spring Boot 2.7.0-4.0.5; vendor-released patches available for all supported versions (4.0.6, 3.5.14, 3.4.16, 3.3.19, 2.7.33). No public exploit code identified at time of analysis.
Java
Information Disclosure
-
CVE-2026-40968
MEDIUM
CVSS 4.2
Spring gRPC 1.0.0 through 1.0.2 inherits authenticated user identity on gRPC worker threads after access denial, allowing a subsequent unauthenticated request on the same thread to gain escalated permissions. The vulnerability requires an authenticated attacker with prior knowledge of thread reuse patterns and affects only configurations where both authenticated and unauthenticated requests share gRPC worker threads. A patch is available in version 1.0.3.
Privilege Escalation
Java
-
CVE-2026-40966
MEDIUM
CVSS 5.9
Spring AI fails to properly isolate conversation contexts when user-supplied input is passed directly as conversationId to VectorStoreChatMemoryAdvisor, allowing remote unauthenticated attackers to inject filter logic that exfiltrates sensitive data from other users' chat histories, including secrets and credentials. Exploitation requires moderately complex attack construction (AC:H) but no user interaction, affecting only applications with the specific vulnerable configuration pattern.
Authentication Bypass
Java
-
CVE-2026-40552
MEDIUM
CVSS 4.7
Remote command execution in mpGabinet 23.12.19 and below allows authenticated database administrators or unauthenticated attackers (via chained exploitation of CVE-2026-40550 and CVE-2026-40551) to achieve system command execution by manipulating attachment storage paths in the database to reference attacker-controlled resources that execute when users open the files. The vulnerability requires direct database access and user interaction to trigger execution, but becomes unauthenticated when chained with companion CVE vulnerabilities that grant database and application access.
Information Disclosure
-
CVE-2026-40550
MEDIUM
CVSS 6.9
mpGabinet 23.12.19 and earlier suffers from privilege escalation due to excessive database privileges assigned to the application service account. An attacker with local access to extract database credentials from the application process memory gains administrative database access, enabling unauthorized actions beyond what the application interface permits. CVSS 6.9 indicates high confidentiality impact from local access without authentication; no active exploitation confirmed in CISA KEV at time of analysis.
Privilege Escalation
-
CVE-2026-40356
MEDIUM
CVSS 5.9
Integer underflow in MIT Kerberos 5 before version 1.22.3 allows unauthenticated remote attackers to trigger an out-of-bounds read via crafted NegoEx mechanism messages processed by gss_accept_sec_context(), resulting in denial of service through process termination. The vulnerability requires NegoEx to be registered in the system's GSS mechanism configuration (/etc/gss/mech), limiting exposure in default deployments but affecting Kerberos-enabled authentication services where this mechanism is explicitly enabled.
Buffer Overflow
Integer Overflow
Red Hat
Suse
-
CVE-2026-40355
MEDIUM
CVSS 5.9
NULL pointer dereference in MIT Kerberos 5 before version 1.22.3 allows unauthenticated remote attackers to trigger denial of service by sending specially crafted messages to systems with NegoEx mechanism registered, causing gss_accept_sec_context() to crash during message parsing. The vulnerability requires high attack complexity due to NegoEx mechanism registration dependency but results in service termination with no authentication required.
Denial Of Service
Null Pointer Dereference
Red Hat
Suse
-
CVE-2026-40296
MEDIUM
CVSS 5.4
It was discovered that there is a way to bypass HTML escaping in the HTML writer using custom number format codes.
## The Problem
In `Writer/Html.php` around line 1592, the code checks if the formatted cell data equals the original data to decide whether to apply `htmlspecialchars()`:
```php
if (...
```
PHP
XSS
-
CVE-2026-38948
MEDIUM
CVSS 5.4
Cross-Site Scripting (XSS) via malicious SVG upload in FUEL CMS v1.5.2 and earlier allows low-privileged authenticated users to execute arbitrary JavaScript in the context of other users' browsers through the asset upload functionality. The vulnerability stems from inadequate sanitization of SVG file contents during upload, enabling attackers with valid credentials to craft weaponized SVG files that execute when viewed by administrators or other site visitors. No active exploitation in CISA KEV confirmed; CVSS 5.4 reflects moderate impact with user interaction requirement.
XSS
-
CVE-2026-37750
MEDIUM
CVSS 6.1
A reflected Cross-Site Scripting (XSS) vulnerability in School Management System by mahmoudai1 allows unauthenticated remote attackers to execute arbitrary JavaScript in victims' browsers via the unsanitized type parameter in register.php.
PHP
XSS
-
CVE-2026-35453
MEDIUM
CVSS 4.8
### Summary
The HTML Writer in PhpSpreadsheet bypasses `htmlspecialchars()` output escaping when a cell uses a custom number format containing the `@` text placeholder with additional literal text (e.g., `@ "items"` or `"Total: "@`). This allows an attacker to inject arbitrary HTML and JavaScript in...
PHP
XSS
-
CVE-2026-33467
MEDIUM
CVSS 5.9
Improper Verification of Cryptographic Signature (CWE-347) in Elastic Package Registry could allow an attacker positioned to intercept network traffic, or to otherwise influence the contents served to a self-hosted registry, to substitute a tampered package without the integrity check failing closed...
Information Disclosure
Elastic
Jwt Attack
-
CVE-2026-32699
MEDIUM
CVSS 5.3
### Summary
The application fails to validate the `nick` parameter during a `POST` request to the `EditUser` controller. Although the UI prevents editing this field, a user can bypass this restriction using a proxy to rename any account (including the Administrator). This leads to Broken...
Authentication Bypass
-
CVE-2026-30246
MEDIUM
CVSS 6.5
### Summary
Fiber cache middleware's default key generator uses only `c.Path()` and does not include the query string.
As a result, requests like `/?id=1` and `/?id=2` can map to the same cache key and share the same cached response.
This can cause response mix-up (cache poisoning-like behavior) fo...
Information Disclosure
-
CVE-2026-24231
MEDIUM
CVSS 6.3
Server-side request forgery in NVIDIA NemoClaw's validateEndpointUrl() function allows local attackers with user interaction to supply crafted endpoint URLs targeting the 0.0.0.0/8 address range via blueprint configuration files or CLI flags, leading to information disclosure. The vulnerability affects all versions of NemoClaw and requires local access with user interaction to trigger, limiting exposure to systems where untrusted users can modify configuration or invoke CLI commands.
Information Disclosure
SSRF
Nvidia
-
CVE-2026-24204
MEDIUM
CVSS 6.5
NVIDIA Flare SDK is vulnerable to path traversal via improper input validation, allowing authenticated remote attackers to disclose sensitive information. The vulnerability affects all versions of the SDK and requires valid user credentials to exploit, making it a moderate-risk issue for organizations using Flare in multi-user environments. No public exploit code or active exploitation has been identified.
Information Disclosure
Nvidia
-
CVE-2026-7340
MEDIUM
CVSS 4.3
Integer overflow in ANGLE in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker to perform an out-of-bounds memory read via a crafted HTML page. (Chromium security severity: Medium)
Buffer Overflow
Google
Microsoft
Red Hat
Suse
-
CVE-2026-7319
MEDIUM
CVSS 5.5
A flaw has been found in elinsky execution-system-mcp 0.1.0. The impacted element is the function _get_context_file_path of the file src/execution_system_mcp/server.py of the component add_action Tool. This manipulation of the argument context causes path traversal. The attack can be initiated remot...
Path Traversal
-
CVE-2026-7316
MEDIUM
CVSS 5.5
A vulnerability has been found in eiliyaabedini aider-mcp up to 667b914301aada695aab0e46d1fb3a7d5e32c8af. Affected is an unknown function of the file aider_mcp.py of the component code_with_ai. The manipulation of the argument working_dir/editable_files leads to command injection. The attack may be ...
Command Injection
-
CVE-2026-7315
MEDIUM
CVSS 5.5
A flaw has been found in eiceblue spire-pdf-mcp-server 0.1.1. This impacts the function get_pdf_path of the file src/spire_pdf_mcp/server.py of the component PDF File Handler. Executing a manipulation of the argument filepath can lead to path traversal. The attack can be launched remotely. The explo...
Path Traversal
-
CVE-2026-7314
MEDIUM
CVSS 5.5
A vulnerability was detected in eiceblue spire-doc-mcp-server 1.0.0. This affects the function get_doc_path of the file src/spire_doc_mcp/api/base.py. Performing a manipulation of the argument document_name results in path traversal. The attack can be initiated remotely. The exploit is now public an...
Path Traversal
-
CVE-2026-7309
MEDIUM
CVSS 4.3
OpenShift Container Platform build system allows authenticated users with the edit ClusterRole to inject arbitrary environment variables into docker-build containers via the buildconfigs/instantiate API, enabling information disclosure attacks such as build traffic interception through LD_PRELOAD or http_proxy manipulation. This represents an incomplete remediation of a prior vulnerability, affecting confidentiality of sensitive build data with CVSS 4.3 (network-accessible, low complexity, authenticated). No public exploit code or active exploitation has been confirmed at the time of analysis.
Information Disclosure
Docker
-
CVE-2026-7272
MEDIUM
CVSS 5.5
Path traversal in WilliamCloudQi matlab-mcp-server allows remote unauthenticated attackers to manipulate the scriptPath argument in the generate_matlab_code and execute_matlab_code functions, enabling unauthorized file system access with confidentiality and integrity impact. The vulnerability affects versions up to commit ab88f6b9bf5f36f725e8628029f7f6dd0d9913ca, has publicly available exploit code, and the vendor has not yet responded to early disclosure notification.
Path Traversal
-
CVE-2026-7271
MEDIUM
CVSS 5.5
Path traversal in DV0x creative-ad-agent server component (up to commit 751b9e5146604dc65049bd0f62dcbdad6212f8a3) allows remote unauthenticated attackers to read arbitrary files via manipulation of req.params arguments in server/sdk-server.ts. Public exploit code is available. CVSS 5.5 reflects low confidentiality impact with network-accessible attack vector and no authentication requirement.
Path Traversal
-
CVE-2026-7237
MEDIUM
CVSS 5.5
Path traversal in AgiFlow scaffold-mcp's write-to-file tool allows remote unauthenticated attackers to read, write, or delete arbitrary files on the server by manipulating the file_path parameter. Versions up to 1.0.27 are affected. Public exploit code exists (GitHub issue #88), enabling attackers to bypass directory restrictions and access sensitive files or overwrite critical system files. CVSS 7.3 (High) with network attack vector and no authentication required. Vendor-released patch available in version 1.1.0 (commit c4d23592).
Path Traversal
-
CVE-2026-7235
MEDIUM
CVSS 5.5
Path traversal vulnerability in ErlichLiu claude-agent-sdk-master allows remote unauthenticated attackers to read arbitrary files by manipulating the outputFile parameter in app/api/agent-output/route.ts. The vulnerability has a CVSS score of 5.3 (low integrity impact) and publicly available exploit code exists, though the project uses rolling releases and the maintainer has not yet responded to disclosure.
Path Traversal
-
CVE-2026-7234
MEDIUM
CVSS 5.5
Path traversal in browser-operator-core versions up to 0.6.0 allows remote unauthenticated attackers to read, write, and potentially delete arbitrary files on the server by manipulating the request.url parameter in the startsWith function of server.js. Publicly available exploit code exists (GitHub issue #96), enabling trivial exploitation with no user interaction. CVSS 7.3 reflects network-exploitable attack with low impact across confidentiality, integrity, and availability. No vendor response or patch released despite early responsible disclosure via issue report. This is a critical supply chain risk for any systems running the affected BrowserOperator component server.
Path Traversal
-
CVE-2026-7228
MEDIUM
CVSS 5.5
SQL injection in Pizzafy Ecommerce System 1.0 allows remote unauthenticated attackers to execute arbitrary SQL commands via the ID parameter in the get_cart_count function at /admin/ajax.php. CVSS scores 7.3 (High) with network attack vector, low complexity, and no authentication required. Public exploit code exists on GitHub, significantly lowering the barrier to exploitation. EPSS data not available, but the combination of public exploit, low attack complexity (AC:L), and no authentication (PR:N) indicates moderate-to-high real-world risk for internet-facing installations.
PHP
SQLi
-
CVE-2026-7227
MEDIUM
CVSS 5.5
SQL injection in Pizzafy Ecommerce System 1.0 allows remote unauthenticated attackers to compromise database confidentiality, integrity, and availability via the email parameter in the admin login function. The vulnerability exists in /admin/ajax.php?action=login and has a publicly available proof-of-concept exploit on GitHub. With CVSS 7.3 (High) and confirmed POC, this represents an immediate risk to internet-exposed admin panels, though no active exploitation has been confirmed by CISA KEV at time of analysis.
PHP
SQLi
-
CVE-2026-7226
MEDIUM
CVSS 5.5
SQL injection in SourceCodester Pizzafy Ecommerce System 1.0 allows remote unauthenticated attackers to compromise database confidentiality, integrity, and availability through the login2 function. The vulnerability exists in /admin/ajax.php when processing the email parameter during administrative login, enabling attackers to bypass authentication, extract sensitive data, modify records, or disrupt service. A proof-of-concept exploit has been publicly released on GitHub, significantly lowering the barrier to exploitation. CVSS 7.3 (High) reflects network-accessible attack surface with no authentication required and low attack complexity.
PHP
SQLi
-
CVE-2026-7225
MEDIUM
CVSS 5.5
SQL injection in SourceCodester Pizzafy Ecommerce System 1.0 allows remote unauthenticated attackers to execute arbitrary SQL commands via the ID parameter in the delete_menu function of /admin/ajax.php. Public exploit code is available on GitHub, enabling database extraction, authentication bypass, and potential administrative access. CVSS 7.3 reflects network-accessible attack with no authentication required, though actual exploitation targets the administrative backend endpoint.
PHP
SQLi
-
CVE-2026-7224
MEDIUM
CVSS 5.5
SQL injection in SourceCodester Pizzafy Ecommerce System 1.0 allows unauthenticated remote attackers to extract, modify, or delete database contents via the ID parameter in /admin/ajax.php?action=delete_cart endpoint. Publicly available exploit code exists (GitHub POC), enabling immediate weaponization. CVSS 7.3 indicates network-based exploitation with no authentication barriers, granting partial confidentiality, integrity, and availability impact. Despite high CVSS and public POC, this affects a niche open-source e-commerce platform with limited deployment footprint.
PHP
SQLi
-
CVE-2026-7223
MEDIUM
CVSS 5.5
Server-side request forgery (SSRF) in BigSweetPotatoStudio HyperChat up to version 2.0.0-alpha.63 allows remote unauthenticated attackers to manipulate the baseurl argument in the AI Proxy Middleware component, enabling arbitrary HTTP requests from the affected server. The vulnerability has a publicly available exploit and CVSS 6.9 score reflecting confidentiality, integrity, and availability impact at the network level with low complexity. The vendor has not responded to early disclosure notification through the project's GitHub issue tracker.
SSRF
-
CVE-2026-7221
MEDIUM
CVSS 5.5
Server-side request forgery (SSRF) in TencentCloudBase CloudBase-MCP through version 2.17.0 allows remote unauthenticated attackers to manipulate the open-url API endpoint by injecting arbitrary URLs via the req.body.url parameter, enabling attackers to make unauthorized requests from the server to internal or external resources. The vulnerability has publicly available exploit code and affects the openUrl function in mcp/src/interactive-server.ts. Vendor-released patch version 2.17.1 is available.
SSRF
-
CVE-2026-7220
MEDIUM
CVSS 5.5
OS command injection in jackwrichards FastlyMCP allows remote unauthenticated attackers to execute arbitrary system commands via manipulation of the command argument in the fastly_cli Tool component. The vulnerability exists in fastly-mcp.mjs and has been disclosed publicly with exploit code available, though the project operates on a rolling release model with no versioned releases and has not yet responded to early disclosure notifications.
Command Injection
-
CVE-2026-7217
MEDIUM
CVSS 5.5
Absolute path traversal in Deepractice PromptX up to version 2.4.0 allows remote unauthenticated attackers to read arbitrary files from the server by manipulating the path argument in document file handling functions (read_docx, read_xlsx, read_pptx, list_xlsx_sheets, read_pdf). Publicly available exploit code exists and the vendor has not responded to early disclosure, though CVSS 5.3 (AV:N/AC:L/PR:N/UI:N) indicates moderate information disclosure risk with no integrity or availability impact.
Path Traversal
Microsoft
-
CVE-2026-7216
MEDIUM
CVSS 5.5
Path traversal in processing-claude-mcp-bridge's create_sketch tool allows remote unauthenticated attackers to read, write, or delete arbitrary files on the server by manipulating the sketch_name parameter in processing_server.py. Public exploit code exists via GitHub issue #1, enabling straightforward attacks against exposed instances. EPSS data not available, but CVSS 7.3 (High) with network vector and no authentication requirements indicates significant risk for internet-facing deployments. Project maintainer has not responded to vulnerability disclosure, leaving no vendor-confirmed patch timeline.
Path Traversal
-
CVE-2026-7215
MEDIUM
CVSS 5.5
Remote command injection in egtai gmx-vmd-mcp through version 0.1.0 enables unauthenticated attackers to execute arbitrary system commands by injecting malicious payloads into the structure_file or trajectory_file parameters of the VMD Launch Handler in mcp_server.py. A public proof-of-concept exploit exists (GitHub issue #2), significantly lowering the barrier to exploitation. The vendor has not responded to responsible disclosure attempts, leaving users without an official patch.
Command Injection
-
CVE-2026-7214
MEDIUM
CVSS 5.5
Path traversal in eghuzefa engineer-your-data up to version 0.1.3 allows remote attackers to read, write, list, and obtain information about arbitrary files via manipulation of the WORKSPACE_PATH argument in the read_file, write_file, list_files, and file_inf functions within src/server.py. Publicly available exploit code exists, and the vendor has been notified but has not yet responded with a fix.
Path Traversal
-
CVE-2026-7213
MEDIUM
CVSS 5.5
Path traversal in ef10007 MLOps_MCP 1.0.0 allows remote unauthenticated attackers to write files to arbitrary filesystem locations via manipulation of the filename/destination argument in the save_file tool of fastmcp_server.py. Publicly available exploit code exists, and the vendor has not responded to early disclosure notification, leaving affected deployments without an official patch.
Path Traversal
-
CVE-2026-7212
MEDIUM
CVSS 5.5
Path traversal in edvardlindelof notes-mcp up to version 0.1.4 allows remote unauthenticated attackers to read or manipulate files outside the intended directory by manipulating the root_dir or path arguments in notes_mcp.py. The vulnerability has a publicly available exploit and a CVSS score of 6.9, but the vendor has not responded to the early disclosure through issue tracking.
Path Traversal
-
CVE-2026-7211
MEDIUM
CVSS 5.5
Command injection in dvladimirov MCP up to version 0.1.0 allows remote unauthenticated attackers to execute arbitrary system commands via manipulation of the repo_url or pattern arguments in the GitSearchRequest function of mcp_server.py. The vulnerability has a publicly available exploit and CVSS 6.9 score indicating moderate severity with network-accessible attack vector and low complexity, though the vendor has not responded to the early disclosure.
Command Injection
-
CVE-2026-7206
MEDIUM
CVSS 5.5
SQL injection in dubydu sqlite-mcp up to version 0.1.0 allows remote attackers to manipulate the output_filename parameter in the extract_to_json function, enabling arbitrary SQL command execution. The vulnerability has publicly available exploit code and affects all default installations without authentication requirements.
SQLi
-
CVE-2026-7205
MEDIUM
CVSS 5.5
Path traversal in duartium papers-mcp-server allows remote unauthenticated attackers to access arbitrary files on the server by manipulating the topic argument in the search_papers function. The vulnerability affects commit 9ceb3812a6458ba7922ca24a7406f8807bc55598 and is publicly exploitable with proof-of-concept code available; the vendor has been notified via issue report but has not yet responded.
Path Traversal
-
CVE-2026-6809
MEDIUM
CVSS 6.4
Stored Cross-Site Scripting in Social Post Embed plugin for WordPress up to version 2.0.1 allows authenticated attackers with Contributor-level access to inject arbitrary JavaScript into page content via the Threads embed handler due to insufficient input sanitization and output escaping. Injected scripts execute when any user views the affected page, enabling session hijacking, credential theft, or malware distribution from trusted WordPress sites. No public exploit code or active exploitation has been identified at the time of analysis.
WordPress
XSS
-
CVE-2026-6807
MEDIUM
CVSS 5.5
XML External Entity (XXE) injection in GRASSMARLIN v3.2.1 allows authenticated local users to extract sensitive information through crafted session data that exploits insufficient XML parser hardening. The vulnerability has a CVSS score of 5.5 with local attack vector and high confidentiality impact, affecting users with login credentials on systems running the affected version.
XXE
-
CVE-2026-6725
MEDIUM
CVSS 6.4
Stored cross-site scripting in WPC Smart Messages for WooCommerce plugin through version 4.2.8 allows authenticated attackers with contributor-level access to inject arbitrary JavaScript via the 'text' attribute of the wpcsm_text_rotator shortcode, resulting in execution whenever users view affected pages. The vulnerability stems from insufficient input sanitization and output escaping. No active exploitation confirmed; patch available in version 4.2.9.
WordPress
XSS
-
CVE-2026-6706
MEDIUM
CVSS 6.5
Improper access control in the vault documentation feature in Devolutions Server 2026.1.14.0 and earlier allows an authenticated attacker to read documentation content from unauthorized vaults via a crafted API request.
Authentication Bypass
Hashicorp
-
CVE-2026-6551
MEDIUM
CVSS 6.4
Stored Cross-Site Scripting in Timeline Blocks for Gutenberg WordPress plugin through version 1.1.10 allows authenticated contributors and above to inject arbitrary JavaScript via the 'titleTag' attribute of the timeline-blocks/tb-timeline-blocks block, executing malicious scripts whenever any user views the affected page. The vulnerability stems from insufficient input sanitization and output escaping on user-supplied block attributes. Exploitation requires WordPress contributor-level access or higher and affects all versions up to 1.1.10.
WordPress
XSS
-
CVE-2026-6238
MEDIUM
CVSS 6.5
The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to validate the RDATA content against the RDATA length in a DNS response when processing LOC, CERT, TKEY or TSIG records, which may allow an attacker to craft a DNS response, causing a targ...
Buffer Overflow
Red Hat
Suse
-
CVE-2026-5944
MEDIUM
CVSS 6.7
Unauthenticated network attackers can access an exposed API passthrough endpoint on TCP port 7373 in Cisco Intersight Device Connector for Nutanix Prism Central, enabling enumeration of cluster metadata and invocation of cluster maintenance workflows that may disrupt active workloads. The vulnerability stems from missing authentication controls on a network-accessible service endpoint and carries a CVSS 6.7 score reflecting high availability impact despite limited confidentiality and integrity exposure. No public exploit code or active exploitation has been confirmed, but the attack requires no special conditions beyond network access to the deployment environment.
Authentication Bypass
Cisco
-
CVE-2026-5794
MEDIUM
CVSS 4.9
A vulnerability affecting the detailed versions of Cryptobox allows a legitimate user to prevent another user from logging in by sending a specially crafted request that triggers an account lockout.
Information Disclosure
Cryptobox
-
CVE-2026-5306
MEDIUM
CVSS 5.4
Stored XSS vulnerability in Check & Log Email WordPress plugin before version 2.0.13 allows authenticated users with low privileges to inject malicious scripts via improper email replacement handling when the email encoder setting is enabled. The vulnerability requires user interaction (UI:R) to execute, affecting confidentiality and integrity with cross-site scope. Publicly available exploit code exists but exploitation probability remains low (EPSS 0.05%, percentile 17%), indicating this is not a widely targeted vulnerability despite public awareness.
WordPress
XSS
-
CVE-2026-4911
MEDIUM
CVSS 5.3
Booking Package plugin for WordPress up to version 1.7.06 allows unauthenticated attackers to manipulate booking prices via the intentForStripe() function, which accepts unsanitized $_POST['amount'] values and passes them directly to the Stripe PaymentIntent API without validation. The vulnerability is compounded by commented-out code in CreditCard.php that would normally enforce server-calculated pricing, enabling attackers to complete bookings at arbitrary prices (e.g., $0.01 instead of $500.00) with no authentication required. This is a confirmed price manipulation vulnerability with no active KEV exploitation reported but represents significant financial fraud risk.
PHP
WordPress
RCE
-
CVE-2026-4805
MEDIUM
CVSS 6.4
Stored cross-site scripting (XSS) in the Woostify WordPress plugin through version 2.5.0 allows authenticated attackers with Contributor-level access and above to inject arbitrary JavaScript into pages via unsanitized href attributes in the bundled Lity.js lightbox library. The injected scripts execute in the browsers of any user visiting the compromised page, enabling account takeover, credential theft, and malware distribution. No public exploit code has been identified at the time of analysis, but the vulnerability requires only low complexity network access with authenticated credentials.
WordPress
XSS
-
CVE-2026-0711
MEDIUM
CVSS 6.8
Command injection in EasyMesh APIs of Zyxel DX3300-T0 firmware through version 5.50(ABVY.7.1)C0 allows authenticated administrators with adjacent network access to execute arbitrary OS commands on the device. The vulnerability requires both administrator privileges and adjacent network positioning (AV:A), significantly limiting exposure to local network attackers rather than remote threat actors. CVSS 6.8 reflects high confidentiality, integrity, and availability impact but is constrained by elevated privilege and adjacency requirements.
Command Injection
Zyxel
-
CVE-2025-60887
MEDIUM
CVSS 5.3
Insecure deserialization in Cista v0.15 and below allows remote unauthenticated attackers to leak stack and heap addresses through reference tampering in the cista::raw namespace, potentially defeating ASLR protections. The vulnerability arises from insufficient validation of pointer-like objects during deserialization, enabling attackers to observe deserialized values and extract memory layout information for subsequent exploitation.
Deserialization
-
CVE-2025-10539
MEDIUM
CVSS 4.8
Remote code execution in DeskTime Time Tracking App before version 1.3.674 via improper TLS certificate validation allows network-positioned attackers to serve malicious executables during application updates without requiring user interaction. The vulnerability exploits the update mechanism's failure to properly validate TLS certificates, enabling an attacker in a man-in-the-middle position to achieve user-level code execution. EPSS score of 0.02% suggests low real-world exploitation probability despite RCE severity, likely due to the requirement for network positioning and the attack's reliance on coinciding update requests.
RCE
-
CVE-2026-42421
LOW
CVSS 2.3
OpenClaw before 2026.4.8 contains a session management vulnerability where existing WebSocket sessions survive shared gateway token rotation. Attackers can maintain unauthorized access to WebSocket connections after token rotation by exploiting the failure to disconnect existing shared-token session...
Authentication Bypass
-
CVE-2026-41916
LOW
CVSS 2.3
OpenClaw before 2026.4.8 contains an authentication state management vulnerability where the resolvedAuth closure becomes stale after configuration reload. Newly accepted gateway connections continue using outdated resolved auth state, allowing attackers to bypass authentication controls through con...
Authentication Bypass
-
CVE-2026-41910
LOW
CVSS 2.3
OpenClaw before 2026.4.8 omits owner-only enforcement for cross-channel allowlist writes in the /allowlist endpoint. An authorized non-owner sender can bypass access controls to perform allowlist modifications against different channels, violating the intended trust model.
Authentication Bypass
-
CVE-2026-41408
LOW
CVSS 2.3
OpenClaw before 2026.3.31 contains a resource exhaustion vulnerability in media downloads that bypasses core safety limits for file size, count, and cleanup operations. Attackers can exhaust disk space by downloading media files without triggering intended safety restrictions, causing availability i...
Denial Of Service
-
CVE-2026-41406
LOW
CVSS 2.3
OpenClaw before version 2026.3.31 contains a sender allowlist bypass vulnerability allowing remote attackers to access restricted messages by exploiting quoted, root, and thread context message retrieval mechanisms. The vulnerability affects default configurations and requires user interaction (CVSS UI:P), making it a moderate-risk authentication bypass that undermines message access controls.
Authentication Bypass
-
CVE-2026-41402
LOW
CVSS 2.3
OpenClaw before version 2026.3.31 allows authenticated attackers to bypass webhook replay protection through overly broad cache keying, enabling delivery of duplicate webhook messages to unintended sibling targets when the same messageId is reused. The vulnerability exploits insufficient scope isolation in the webhook replay cache deduplication mechanism, allowing message replay across organizational boundaries within a single authentication context.
Authentication Bypass
-
CVE-2026-41398
LOW
CVSS 2.1
OpenClaw before version 2026.4.2 improperly trusts local-network pages in its iOS A2UI bridge, allowing attackers to inject unauthorized agent.request commands by serving malicious content from local-network or tailnet hosts. This can pollute session state and consume user budget without authentication, though exploitation requires user interaction and proximity to the target network.
Authentication Bypass
Apple
-
CVE-2026-41382
LOW
CVSS 2.3
OpenClaw before version 2026.3.31 allows authenticated attackers to bypass authorization controls on Discord voice channels through exploitation of stale-role validation gaps and improper channel name validation, enabling unauthorized access to restricted voice channels that should be protected by member and channel allowlists. The vulnerability requires valid Discord credentials but enables privilege escalation within voice channel access controls. No public exploit code has been identified at the time of analysis.
Authentication Bypass
-
CVE-2026-41381
LOW
CVSS 2.3
OpenClaw before version 2026.3.31 contains an access control bypass in its Discord voice manager that allows authenticated attackers to send voice ingress requests before channel allowlist authorization checks are enforced, gaining unauthorized access to restricted voice channels. The vulnerability exploits a race condition or authorization sequencing flaw in the voice channel access control mechanism, affecting deployments with member-level access restrictions.
Authentication Bypass
-
CVE-2026-41376
LOW
CVSS 2.3
OpenClaw before version 2026.3.31 fails to properly validate message senders in Matrix thread root and reply context handling, allowing remote unauthenticated attackers to bypass sender allowlists and access filtered messages. The vulnerability requires user interaction and has low attack complexity, but impact is limited to information disclosure of message context that should have been restricted by access controls.
Authentication Bypass
-
CVE-2026-41362
LOW
CVSS 2.3
OpenClaw versions 2026.2.19 before 2026.3.31 allow authenticated attackers to suppress legitimate webhook events across different accounts in multi-tenant deployments by exploiting improper cache isolation in the Zalo webhook replay-deduplication mechanism. An attacker with control of one authenticated Zalo webhook path can match event_name and message_id parameters to suppress events on victim accounts, causing denial of service to webhook processing. No public exploit code or active exploitation has been identified, though the vulnerability requires valid authentication and incremental exploitation (AT:P), limiting immediate risk.
Information Disclosure
-
CVE-2026-40969
LOW
CVSS 3.7
Spring gRPC versions 1.0.0 through 1.0.2 leak sensitive authentication failure details in gRPC status descriptions to unauthenticated remote callers, enabling reconnaissance for follow-up attacks. The vulnerability exposes raw server-side AuthenticationException messages without sanitization, providing attackers with information about authentication mechanisms and potential weaknesses. This low-severity information disclosure (CVSS 3.7) requires high attack complexity but affects default configurations.
Java
Information Disclosure
-
CVE-2026-40556
LOW
CVSS 2.1
GNU nano creates the ~/.local directory with world-writable permissions (0777) on first use of XDG data storage features when the directory does not exist, allowing local attackers in systems with relaxed umasks (such as containers, CI/CD runners, or environments with umask 000) to write attacker-controlled files into the victim's XDG directory hierarchy via a race condition. The vulnerability affects nano versions before 9.0 and carries a CVSS score of 2.1 with CISA SSVC assessment indicating partial technical impact but no known public exploitation.
Information Disclosure
-
CVE-2026-7360
LOW
CVSS 3.1
Insufficient validation of untrusted input in Compositing in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: High)
Authentication Bypass
Google
-
CVE-2026-7351
LOW
CVSS 3.1
Race in MHTML in Google Chrome prior to 147.0.7727.138 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: High)
Information Disclosure
Google
Race Condition
-
CVE-2026-7318
LOW
CVSS 2.0
A vulnerability was detected in elie mcp-project 0.1.0. The affected element is the function search_papers of the file research_server.py. The manipulation of the argument topic results in path traversal. Attacking locally is a requirement. The exploit is now public and may be used. The project was ...
Path Traversal
-
CVE-2026-7317
LOW
CVSS 1.3
A vulnerability was found in Grav CMS up to 1.7.49.5/2.0.0-beta.1. Affected by this vulnerability is the function FileCache::doGet of the file system/src/Grav/Framework/Cache/Adapter/FileCache.php of the component Cache Value Handler. The manipulation results in deserialization. The attack may be la...
PHP
Deserialization
-
CVE-2026-7306
LOW
CVSS 2.9
A security vulnerability has been detected in Xuxueli xxl-job up to 3.3.2. The impacted element is an unknown function of the file xxl-job-admin/src/main/java/com/xxl/job/admin/scheduler/openapi/OpenApiController.java of the component OpenAPI Endpoint. Such manipulation of the argument default_token...
Java
Information Disclosure
-
CVE-2026-7305
LOW
CVSS 2.1
A weakness has been identified in Xuxueli xxl-job up to 3.3.2. The affected element is the function triggerJob of the file xxl-job-admin/src/main/java/com/xxl/job/admin/service/impl/XxlJobServiceImpl.java of the component trigger Endpoint. This manipulation of the argument addressList causes server-...
Java
SSRF
-
CVE-2026-7303
LOW
CVSS 2.9
A security flaw has been discovered in Xuxueli xxl-job up to 3.3.2. Impacted is the function logDetailCat of the file xxl-job-admin/src/main/java/com/xxl/job/admin/controller/biz/JobLogController.java of the component Execution Log Handler. The manipulation of the argument logId results in improper ...
Java
Information Disclosure
-
CVE-2026-7297
LOW
CVSS 1.9
A vulnerability was determined in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects the function save_user of the file /admin/ajax.php?action=save_user. Executing a manipulation of the argument Name can lead to cross site scripting. The attack can be executed remotely. The expl...
PHP
XSS
-
CVE-2026-7296
LOW
CVSS 1.9
A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function save_order of the file /admin/ajax.php?action=save_order. Performing a manipulation of the argument first_name results in cross site scripting. Remote exploitation of the attack is possible. The explo...
PHP
XSS
-
CVE-2026-7295
LOW
CVSS 1.9
A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this issue is the function save_menu of the file /admin/ajax.php?action=save_menu. Such manipulation of the argument Name leads to cross site scripting. The attack may be launched remotely. The exploit has bee...
PHP
XSS
-
CVE-2026-7294
LOW
CVSS 1.9
Cross-site scripting (XSS) in SourceCodester Pizzafy Ecommerce System 1.0 allows authenticated high-privilege administrators to inject malicious scripts via the Name parameter in the /admin/index.php?page=save_settings endpoint, exploited when an admin visits a crafted link. The vulnerability requires high privilege level (admin) and user interaction (UI:P), limiting but not eliminating real-world risk in environments with untrusted admins or admin account compromise. Publicly available exploit code exists.
PHP
XSS
-
CVE-2026-7293
LOW
CVSS 2.0
SQL injection in SourceCodester Pizzafy Ecommerce System 1.0 allows authenticated remote attackers to execute arbitrary SQL commands via the ID parameter in the delete_category function (/admin/ajax.php?action=delete_category). The vulnerability requires high-privilege authentication but enables limited confidentiality and integrity impact. Publicly available exploit code exists, elevating real-world risk despite the moderate CVSS score of 5.1.
PHP
SQLi
-
CVE-2026-7292
LOW
CVSS 2.9
Improper authorization in o2oa up to version 10.0 allows remote attackers to bypass authentication via the syncFile function in NodeAgent.java, leading to unauthorized access to file operations. The vulnerability requires high attack complexity and has publicly available exploit code, though no active exploitation in the wild has been confirmed at this time.
Authentication Bypass
Java
-
CVE-2026-7291
LOW
CVSS 2.1
Server-side request forgery (SSRF) in o2oa up to version 10.0 allows authenticated remote attackers to manipulate the fileUrl parameter in the FileAction component to trigger arbitrary HTTP requests from the server. The vulnerability requires authenticated access (PR:L) but can facilitate attacks against internal services, exfiltrate sensitive data, or pivot to backend systems. Publicly available exploit code exists, and the vendor has not yet responded to early notification.
Java
SSRF
-
CVE-2026-7290
LOW
CVSS 2.1
SQL injection in JeecgBoot up to version 3.9.1 allows authenticated remote attackers to execute arbitrary SQL commands through the loadDict endpoint by manipulating the keyword parameter in the SqlInjectionUtil function. The vulnerability has a CVSS score of 6.3 with network-accessible attack vector, and publicly available exploit code exists; patch availability is confirmed via GitHub commit a9c8e8eb1185751c4c3c68d2a53f3dadee9edc6b.
Java
SQLi
-
CVE-2026-7283
LOW
CVSS 2.0
SQL injection in SourceCodester Pharmacy Sales and Inventory System 1.0 allows authenticated remote attackers to execute arbitrary SQL commands via the ID parameter in the save_expired function of /ajax.php. The vulnerability affects an administrative interface endpoint and has publicly available exploit code. CVSS 5.1 reflects low confidentiality, integrity, and availability impact despite network accessibility due to high-privilege requirement (PR:H).
PHP
SQLi
-
CVE-2026-7282
LOW
CVSS 2.0
SQL injection in SourceCodester Pharmacy Sales and Inventory System 1.0 allows authenticated high-privilege attackers to manipulate the ID parameter in the delete_expired function via /ajax.php?action=delete_expired, enabling remote database query manipulation with confidentiality, integrity, and availability impact. Publicly available exploit code exists and the vulnerability has been documented by VulDB.
PHP
SQLi
-
CVE-2026-7281
LOW
CVSS 1.9
Stored cross-site scripting (XSS) in SourceCodester Pharmacy Sales and Inventory System 1.0 allows authenticated remote attackers with high privileges to inject malicious scripts via the Name parameter in the supplier management function (/index.php?page=supplier), affecting users who view the poisoned supplier records. The vulnerability requires user interaction (clicking a malicious link) and has CVSS 4.8 with publicly available proof-of-concept code, though it is limited to high-privileged users (PR:H) and causes only integrity impact (VI:L) without confidentiality or availability compromise.
PHP
XSS
-
CVE-2026-7269
LOW
CVSS 1.9
Reflected cross-site scripting in SourceCodester Pharmacy Sales and Inventory System 1.0 allows authenticated remote attackers to inject malicious scripts via the ID parameter in /index.php?page=product, requiring user interaction to trigger payload execution. CVSS 4.8 with public exploit code availability (E:P) indicates low immediate risk despite network accessibility, constrained by high privilege requirement (PR:H) and user interaction dependency (UI:P).
PHP
XSS
-
CVE-2026-7268
LOW
CVSS 2.1
SQL injection in SourceCodester Pizzafy Ecommerce System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the Name parameter in the save_category function at /admin/ajax.php. The vulnerability requires valid administrative credentials but poses moderate confidentiality, integrity, and availability risk. Publicly available exploit code exists and EPSS score of 0.84 indicates high exploitation probability despite the authentication gate.
PHP
SQLi
-
CVE-2026-7267
LOW
CVSS 2.1
SQL injection in SourceCodester Pizzafy Ecommerce System 1.0 via the ID parameter in /view_prod.php allows authenticated remote attackers to execute arbitrary SQL queries with low complexity and no user interaction required. The vulnerability has a publicly available exploit and CVSS score of 6.3 reflecting moderate impact on confidentiality, integrity, and availability. Active exploitation is not yet confirmed in CISA KEV, but public proof-of-concept code exists.
PHP
SQLi
-
CVE-2026-7266
LOW
CVSS 2.1
SQL injection in SourceCodester Pizzafy Ecommerce System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the ID parameter in the save_order function at /admin/ajax.php?action=save_order, potentially enabling data exfiltration, modification, or deletion. Publicly available exploit code exists and the vulnerability carries a CVSS score of 6.3 with low complexity, indicating moderate real-world risk despite requiring login credentials.
PHP
SQLi
-
CVE-2026-7265
LOW
CVSS 2.1
SQL injection in SourceCodester Pizzafy Ecommerce System 1.0 allows authenticated remote attackers to read, modify, or delete database contents through the ID parameter in the category function (pizza/index.php?page=category). The vulnerability has publicly available exploit code and requires valid user authentication to exploit, making it a moderate-risk issue suitable for immediate patching in production environments.
PHP
SQLi
-
CVE-2026-7264
LOW
CVSS 2.1
SQL injection in SourceCodester Pizzafy Ecommerce System 1.0 allows authenticated remote attackers to manipulate the ID parameter in the get_cart_items AJAX function (/admin/ajax.php?action=get_cart_items) to execute arbitrary SQL queries and extract, modify, or delete database contents. The vulnerability has a CVSS score of 6.3 with publicly available exploit code, posing moderate risk to affected installations.
PHP
SQLi
-
CVE-2026-7238
LOW
CVSS 2.0
Unrestricted file upload vulnerability in code-projects Online Music Site 1.0 allows authenticated high-privilege administrators to upload arbitrary files via the txtimage parameter in AdminUpdateAlbum.php, potentially leading to remote code execution. The vulnerability is network-accessible, has publicly available exploit code, and requires high-level administrative credentials to exploit, limiting attack surface primarily to insider threats or compromised admin accounts.
PHP
File Upload
-
CVE-2026-7233
LOW
CVSS 1.9
Out-of-bounds read in Artifex MuPDF up to version 1.28.0 within the CFF Index Handler's fz_subset_cff_for_gids function allows local attackers with low privileges to disclose sensitive information from application memory. The vulnerability requires local access and low privilege level but can be triggered without user interaction; publicly available exploit code exists and the vulnerability remains unpatched as of the last vendor response.
Buffer Overflow
Information Disclosure
-
CVE-2026-7230
LOW
CVSS 2.1
Stored or reflected cross-site scripting (XSS) in SourceCodester Safety Anger Pad 1.0 allows remote unauthenticated attackers to inject malicious scripts via the angerDisplay parameter, potentially compromising user sessions and stealing sensitive data. The vulnerability requires user interaction (UI:R per CVSS) but has publicly available exploit code and a moderate CVSS score of 4.3, making it a practical attack vector for credential harvesting or malware distribution.
XSS
-
CVE-2026-7229
LOW
CVSS 2.1
SQL injection in code-projects Coaching Management System 1.0 allows authenticated remote attackers to manipulate the complaintreply parameter in the POST handler at /cims/modules/admin/reply.php, leading to unauthorized database access and potential data exfiltration or modification. CVSS score of 6.3 reflects low confidentiality, integrity, and availability impact with network vector and low attack complexity. Public exploit code is available, and the vulnerability requires valid user authentication to trigger.
PHP
SQLi
-
CVE-2026-7222
LOW
CVSS 2.0
Stored cross-site scripting (XSS) in code-projects Coaching Management System 1.0 allows authenticated remote attackers to inject malicious scripts via the Complaint parameter in the complaint form page (/cims/modules/student/complaint.php), affecting users who view injected content. CVSS 5.1 reflects low confidentiality impact and limited integrity impact requiring user interaction; publicly available exploit code exists, confirming practical exploitability.
PHP
XSS
-
CVE-2026-7200
LOW
CVSS 2.1
Reflected cross-site scripting (XSS) in SourceCodester Pharmacy Sales and Inventory System 1.0 allows remote attackers to inject malicious scripts via manipulation of the ID parameter in the /index.php?page=types endpoint. User interaction is required for exploitation, and publicly available exploit code exists, though the vulnerability carries limited impact (integrity only, no confidentiality or availability compromise) with a CVSS score of 5.3.
PHP
XSS