Monthly
ClearanceKit for macOS prior to version 5.0.4-beta-1f46165 fails to validate destination paths in dual-path file operations (rename, link, copyfile, exchangedata, clone), allowing authenticated local processes to bypass file-access protection and place or replace files in protected directories. The vulnerability affects all versions before 5.0.4-beta-1f46165 and has been patched; no public exploit code or active exploitation has been identified at the time of analysis.
OpenClaw before version 2026.3.25 allows authenticated attackers to bypass authorization checks on the /sessions/:sessionKey/history HTTP endpoint, enabling unauthorized access to session history data without requiring operator.read scope permissions. The vulnerability affects all OpenClaw versions prior to 2026.3.25 and requires valid authentication credentials to exploit; no public exploit code or active exploitation has been identified at time of analysis.
Incorrect authorization in OpenClaw pre-2026.3.24 allows authenticated users with operator.write access to the browser.request capability to invoke the POST /reset-profile endpoint, bypassing privilege restrictions to terminate running browsers, sever Playwright connections, and relocate profile directories to the system Trash. Exploitation requires low-privilege authentication (CVSS PR:L) but achieves high integrity and availability impact through unauthorized state mutation and service disruption across intended security boundaries. No public exploit identified at time of analysis.
OpenClaw before version 2026.3.24 allows authenticated operators with only operator.approvals scope to enumerate sensitive gateway model metadata via the HTTP /v1/models endpoint, bypassing stricter WebSocket RPC authorization controls. Attackers with limited operator privileges can access information that should be restricted to higher-privilege read scopes, resulting in unauthorized information disclosure.
Vikunja's scoped API token enforcement for project background routes contains a method-confusion authorization bypass allowing tokens with only `projects.background` permission to delete project backgrounds despite lacking the `projects.background_delete` permission. This enables authenticated attackers to perform unintended destructive operations on projects they have update access to, weakening the permission model for narrowly scoped API tokens used in automation and third-party integrations. The vulnerability has a vendor-released patch available and is confirmed reproducible on the affected codebase.
Vikunja API versions prior to 2.3.0 allow authenticated users to read any label's metadata and creator information across projects via a SQL operator precedence flaw in the hasAccessToLabel function. Any label attached to at least one task becomes readable to all authenticated users regardless of project access permissions, enabling cross-project information disclosure of label titles, descriptions, colors, and creator usernames. The vulnerability requires prior authentication (PR:L per CVSS vector), has low attack complexity, and directly impacts confidentiality. No public exploit code beyond the proof-of-concept in the advisory has been identified, and vendor-released patch version 2.3.0 is available.
Local privilege escalation in systemd 259 before 260 allows authenticated local users to gain root-level access via varlink communication to systemd-machined, exploiting improper namespace isolation. The vulnerability requires low privileges, high attack complexity, and user interaction, affecting the systemd init system across Linux distributions. No public exploit code or active exploitation has been confirmed at time of analysis.
WP-Optimize plugin for WordPress allows authenticated subscribers and higher to execute admin-only operations including log file access, backup image deletion, and bulk image processing due to missing capability checks in the Heartbeat handler function. The vulnerability affects all versions up to 4.5.0 and requires user authentication but no elevated privileges, enabling privilege escalation from subscriber-level accounts to perform administrative image optimization tasks that should be restricted to site administrators.
OpenStack Keystone 14 through 29.x allows authenticated users with restricted application credentials to create EC2 credentials that inherit the parent user's full S3 permissions, bypassing role restrictions. This privilege escalation affects only deployments combining restricted application credentials with the EC2/S3 compatibility API (swift3/s3api), and requires valid authentication credentials and moderate attack complexity to exploit.
Authorization bypass in OpenClaw versions prior to 2026.3.25 enables authenticated users to terminate arbitrary subagent sessions through the /sessions/:sessionKey/kill HTTP endpoint. Exploiting CWE-863 improper authorization, low-privilege authenticated attackers can reach the admin-level killSubagentRunAdmin function without ownership or operator scope validation, achieving high integrity and availability impact on targeted sessions. No public exploit identified at time of analysis.