Skip to main content

CWE-1023

Incomplete Comparison with Missing Factors

8 CVEs Avg CVSS 5.7 MITRE
1
CRITICAL
1
HIGH
4
MEDIUM
2
LOW
2
POC
1
KEV

Monthly

CVE-2026-53859 npm MEDIUM PATCH GHSA This Month

Hostname blocklist bypass in OpenClaw before 2026.5.26 enables authenticated attackers to reach operator-restricted network destinations by supplying trailing-dot notation in model- or workspace-derived URLs. The comparison logic evaluating hostnames against blocklist policies does not normalize fully qualified domain name (FQDN) trailing dots before evaluation, while DNS resolvers treat `blocked.example.com.` and `blocked.example.com` as identical targets. With confidentiality impact rated High by CVSS 4.0 and no public exploit or KEV listing identified at time of analysis, risk is real but bounded to deployments with active blocklist policies and users who control URL parameters.

Authentication Bypass Openclaw
NVD GitHub VulDB
CVSS 4.0
6.0
EPSS
0.2%
CVE-2026-53839 npm MEDIUM PATCH This Month

OpenClaw's retry endpoint authentication check performs hostname prefix matching instead of exact hostname comparison, enabling an authenticated attacker to redirect sensitive authentication material to an attacker-controlled endpoint. All versions before 2026.5.7 are affected per CPE cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:*:*:*. The CVSS 4.0 vector scores this at 6.0 with high confidentiality impact (VC:H) and a specific attack prerequisite (AT:P); no public exploit has been identified at time of analysis and the vulnerability is not listed in CISA KEV.

Information Disclosure Openclaw
NVD GitHub VulDB
CVSS 4.0
6.0
EPSS
0.0%
CVE-2026-7473 MEDIUM POC KEV THREAT This Month

Tunnel decapsulation logic in Arista EOS fails to verify the encapsulation protocol type, allowing any tunneled packet destined for a configured decapsulation IP to be silently unwrapped and forwarded into the network. Unauthenticated remote attackers (PR:N, AV:N per CVSS 4.0) can inject traffic into network segments by exploiting this check bypass on switches with VXLAN, decap-groups, or GRE configurations. The CVE description explicitly states this issue has been reported as exploited in the wild; however, a CISA KEV entry was not confirmed in the provided data. The integrity impact is assessed as low on both the vulnerable and subsequent systems per CVSS 4.0 (VI:L/SI:L), but the network trust boundary violation in a core switching context warrants elevated operational priority.

Information Disclosure Eos
NVD VulDB GitHub
CVSS 4.0
6.9
EPSS
0.0%
Threat
4.4
CVE-2026-48587 PyPI LOW PATCH Monitor

Cache-bypass information disclosure in Django's `has_vary_header()` utility allows remote attackers to read cached HTTP responses intended for other users by exploiting improper whitespace handling in `Vary` header comparisons. Affected versions are Django 5.2.x before 5.2.15 and 6.0.x before 6.0.6; earlier unsupported series (5.0.x, 4.1.x, 3.2.x) were not evaluated and may also be affected per the vendor. The CVSS 4.0 score of 2.3 reflects constrained real-world impact requiring both a non-default prerequisite condition and user interaction, with no public exploit or confirmed active exploitation identified at time of analysis.

Information Disclosure Python
NVD VulDB
CVSS 4.0
2.3
EPSS
0.0%
CVE-2026-4599 npm CRITICAL PATCH GHSA Act Now

The jsrsasign JavaScript cryptographic library contains a critical vulnerability in its random number generation functions that allows attackers to recover private DSA keys through nonce bias exploitation. Versions 7.0.0 through 11.1.0 are affected. A proof-of-concept is publicly available (referenced in GitHub Gist), demonstrating the attack feasibility, and the vulnerability requires no authentication or user interaction for remote exploitation.

Information Disclosure Jsrsasign
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.0%
CVE-2025-46722 PyPI MEDIUM PATCH Monitor

vLLM is an inference and serving engine for large language models (LLMs). Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable.

Information Disclosure Vllm Red Hat
NVD GitHub
CVSS 3.1
4.2
EPSS
0.2%
CVE-2024-5528 LOW POC Monitor

An issue was discovered in GitLab CE/EE affecting all versions prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows a subdomain takeover in. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Gitlab
NVD
CVSS 3.1
3.5
EPSS
0.1%
CVE-2021-23146 HIGH This Week

An Incomplete Comparison with Missing Factors vulnerability in the Gallagher Controller allows an attacker to bypass PIV verification. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Command Centre
NVD
CVSS 3.1
7.5
EPSS
0.9%
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

Hostname blocklist bypass in OpenClaw before 2026.5.26 enables authenticated attackers to reach operator-restricted network destinations by supplying trailing-dot notation in model- or workspace-derived URLs. The comparison logic evaluating hostnames against blocklist policies does not normalize fully qualified domain name (FQDN) trailing dots before evaluation, while DNS resolvers treat `blocked.example.com.` and `blocked.example.com` as identical targets. With confidentiality impact rated High by CVSS 4.0 and no public exploit or KEV listing identified at time of analysis, risk is real but bounded to deployments with active blocklist policies and users who control URL parameters.

Authentication Bypass Openclaw
NVD GitHub VulDB
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

OpenClaw's retry endpoint authentication check performs hostname prefix matching instead of exact hostname comparison, enabling an authenticated attacker to redirect sensitive authentication material to an attacker-controlled endpoint. All versions before 2026.5.7 are affected per CPE cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:*:*:*. The CVSS 4.0 vector scores this at 6.0 with high confidentiality impact (VC:H) and a specific attack prerequisite (AT:P); no public exploit has been identified at time of analysis and the vulnerability is not listed in CISA KEV.

Information Disclosure Openclaw
NVD GitHub VulDB
EPSS 0% 4.4 CVSS 6.9
MEDIUM POC KEV THREAT This Month

Tunnel decapsulation logic in Arista EOS fails to verify the encapsulation protocol type, allowing any tunneled packet destined for a configured decapsulation IP to be silently unwrapped and forwarded into the network. Unauthenticated remote attackers (PR:N, AV:N per CVSS 4.0) can inject traffic into network segments by exploiting this check bypass on switches with VXLAN, decap-groups, or GRE configurations. The CVE description explicitly states this issue has been reported as exploited in the wild; however, a CISA KEV entry was not confirmed in the provided data. The integrity impact is assessed as low on both the vulnerable and subsequent systems per CVSS 4.0 (VI:L/SI:L), but the network trust boundary violation in a core switching context warrants elevated operational priority.

Information Disclosure Eos
NVD VulDB GitHub
EPSS 0% CVSS 2.3
LOW PATCH Monitor

Cache-bypass information disclosure in Django's `has_vary_header()` utility allows remote attackers to read cached HTTP responses intended for other users by exploiting improper whitespace handling in `Vary` header comparisons. Affected versions are Django 5.2.x before 5.2.15 and 6.0.x before 6.0.6; earlier unsupported series (5.0.x, 4.1.x, 3.2.x) were not evaluated and may also be affected per the vendor. The CVSS 4.0 score of 2.3 reflects constrained real-world impact requiring both a non-default prerequisite condition and user interaction, with no public exploit or confirmed active exploitation identified at time of analysis.

Information Disclosure Python
NVD VulDB
EPSS 0% CVSS 9.3
CRITICAL PATCH Act Now

The jsrsasign JavaScript cryptographic library contains a critical vulnerability in its random number generation functions that allows attackers to recover private DSA keys through nonce bias exploitation. Versions 7.0.0 through 11.1.0 are affected. A proof-of-concept is publicly available (referenced in GitHub Gist), demonstrating the attack feasibility, and the vulnerability requires no authentication or user interaction for remote exploitation.

Information Disclosure Jsrsasign
NVD GitHub VulDB
EPSS 0% CVSS 4.2
MEDIUM PATCH Monitor

vLLM is an inference and serving engine for large language models (LLMs). Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable.

Information Disclosure Vllm Red Hat
NVD GitHub
EPSS 0% CVSS 3.5
LOW POC Monitor

An issue was discovered in GitLab CE/EE affecting all versions prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows a subdomain takeover in. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Gitlab
NVD
EPSS 1% CVSS 7.5
HIGH This Week

An Incomplete Comparison with Missing Factors vulnerability in the Gallagher Controller allows an attacker to bypass PIV verification. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Command Centre
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy