2026-07-17
OpenClaw's QQBot media upload feature fails to enforce network-destination policy for lower-trust callers, enabling server-side requests to reach internal or blocked network addresses. Versions 2026.4.20 up to (but not including) 2026.5.28 are affected; the CVSS 4.0 score of 2.3 reflects that practical impact is tightly bounded by operator configuration - only subsequent-system confidentiality at a Low level is indicated (SC:L), with no direct impact to the vulnerable component itself. No public exploit code or active exploitation has been identified at time of analysis.
Broken access control in Grav Flex-Objects before 1.4.3 permits authenticated users holding only the api.access permission to perform full CRUD operations on directories lacking explicit permission configurations via the admin-next REST API. The vulnerability bypasses intended authorization controls (CWE-862) because the REST API fails to enforce object-level permission checks when no explicit policy is defined for a directory. No public exploit code exists and this vulnerability is not listed in the CISA KEV catalog; however, the CVSS 4.0 AT:P metric confirms exploitation depends on the target instance containing permission-less directories, which may be common in default or lightly configured deployments.
Authorization bypass in OpenClaw before version 2026.5.18 allows authenticated low-privilege callers to exceed their intended permissions within the skill command dispatch subsystem. Exploiting misconfigured or reachable input paths, an attacker can circumvent tool policy restrictions and execute or persist actions at a higher trust level than authorized when the affected feature is active and reachable. No public exploit code or active exploitation has been identified; the CVSS 4.0 score of 2.3 reflects the specific preconditions required for successful exploitation.
Authorization bypass in OpenClaw MS Teams before 2026.5.12 allows authenticated lower-privileged users to escalate their effective permissions by spoofing display names that the `allowFrom` access-control feature trusts as immutable identifiers. The root flaw (CWE-290) is that the authorization decision is anchored to a mutable attribute - the display name - rather than a stable, non-spoofable identity token. No public exploit code and no CISA KEV listing have been identified at time of analysis; the CVSS 4.0 score of 2.3 reflects the limited blast radius and the attack requirement precondition.
Incorrect authorization in OpenClaw's ClickClack allowFrom feature permits a lower-trust, authenticated caller to exceed their intended permission boundary - executing or persisting non-allowlisted commands - on versions 2026.5.12 through before 2026.5.26. The flaw (CWE-863) is contingent on the ClickClack allowFrom feature being both enabled and reachable, which meaningfully limits the exploitable population. No public exploit exists and the vulnerability is not listed in CISA KEV; a CVSS 4.0 score of 2.3 reflects the constrained attack surface.
CSRF in grav-plugin-login before 3.8.11 allows a remote unauthenticated attacker to rotate a logged-in victim's TOTP secret by luring them to an attacker-controlled page that performs a top-level GET navigation to the Grav site's regenerate2FASecret task endpoint. Because Grav dispatches frontend tasks via GET URI parameters and the default SameSite=Lax session cookie policy permits cross-origin top-level GET navigations to carry cookies, the victim's authenticator app is silently invalidated, forcing 2FA re-enrollment - though the attacker gains no account access. No public exploit has been identified at time of analysis; CVSS 4.0 score is 2.3, reflecting genuinely low severity.
Prototype pollution in sagold json-schema-library 11.5.0 and 11.5.1 allows remote low-privileged attackers to corrupt the JavaScript Object prototype by supplying crafted schema definitions or input data containing reserved keys such as `__proto__` processed by the `parsePropertyDependencies` function. The CVSS 4.0 vector confirms low-privilege network exploitation with limited but real confidentiality, integrity, and availability impact; the E:P supplemental metric confirms proof-of-concept code exists. No CISA KEV listing is present, so confirmed mass exploitation is not established at time of analysis.
The Joomla extension Events Booking prior version 5.8.0 did by default allow unauthenticated users to upload media assets.
The Joomla extension Events Booking is vulnerable to an unauthenticated user enumeration that allows to retrieve account usernames and email addresses.
The Joomla extension Events Booking prior version 5.8.0 had an frontend file upload endpoint that lacked CSRF protection.
Mojo::JWT versions before 1.02 for Perl verify HMAC signatures with a non-constant-time string comparison. The decode() method compares the supplied signature to the recomputed HMAC with Perl's eq operator, which stops at the first differing byte, so the comparison time varies with the number of matching leading bytes. A caller that decodes attacker supplied tokens leaks the expected signature through this timing variation, which can be aggregated over many requests to recover the signature and forge a token.