Export limit exceeded: 357824 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (357824 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-44785 | 1 Discourse | 1 Discourse | 2026-06-12 | 4.3 Medium |
| Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, the AI "explain" helper only checks can_see? on the post being explained, not its reply_to_post, so any authenticated user with access to the AI helper could read the raw contents of a hidden parent post by invoking "Explain" on a reply to it. This issue has been patched in versions 2026.1.4, 2026.3.1, 2026.4.1, and 2026.5.0-latest.1. | ||||
| CVE-2026-44786 | 1 Discourse | 1 Discourse | 2026-06-12 | 7.5 High |
| Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, chat events for public category channels are published to MessageBus without permission scoping, so any MessageBus subscriber without chat enabled could receive chat message payloads in real time. This issue has been patched in versions 2026.1.4, 2026.3.1, 2026.4.1, and 2026.5.0-latest.1. | ||||
| CVE-2026-44779 | 1 Discourse | 1 Discourse | 2026-06-12 | 4.3 Medium |
| Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, bot debug endpoints disclose whisper translation audit logs. This issue has been patched in versions 2026.1.4, 2026.3.1, 2026.4.1, and 2026.5.0-latest.1. | ||||
| CVE-2026-44780 | 1 Discourse | 1 Discourse | 2026-06-12 | 4.3 Medium |
| Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, ReviewableQueuedPostSerializer unconditionally included payload["raw_email"] for posts that arrived via incoming email. Category moderation group members reaching the review queue could therefore read the full inbound email source (headers, sender trace, MUA, body) without being in view_raw_email_allowed_groups — the trust boundary that gates the dedicated raw-email endpoint. This issue has been patched in versions 2026.1.4, 2026.3.1, 2026.4.1, and 2026.5.0-latest.1. | ||||
| CVE-2026-44782 | 1 Discourse | 1 Discourse | 2026-06-12 | 4.3 Medium |
| Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, GroupPostSerializer declared include_user_long_name? as the predicate for its :name attribute, but AMS looks for include_name?. The misnamed predicate was never called, so object.user.name was always serialized regardless of SiteSetting.enable_names. This issue has been patched in versions 2026.1.4, 2026.3.1, 2026.4.1, and 2026.5.0-latest.1. | ||||
| CVE-2026-53839 | 1 Openclaw | 1 Openclaw | 2026-06-12 | 6.5 Medium |
| OpenClaw before 2026.5.7 contains a hostname validation vulnerability in retry endpoint checks that allows matching hostname prefixes instead of exact hostnames. Attackers can exploit this by crafting a hostname prefix resembling a trusted host to send authentication material to untrusted endpoints. | ||||
| CVE-2026-53838 | 1 Openclaw | 1 Openclaw | 2026-06-12 | 9.8 Critical |
| OpenClaw before 2026.5.27 contains a state mutation vulnerability in node pairing reconnection that allows paired nodes to confuse approval scope decisions. Attackers can exploit reconnection logic to restore or present broader node authority than intended, potentially bypassing approval restrictions. | ||||
| CVE-2026-53837 | 1 Openclaw | 1 Openclaw | 2026-06-12 | 3.7 Low |
| OpenClaw before 2026.5.6 contains an improper access control vulnerability in Mattermost event handlers that fails to validate channel type metadata. Attackers can bypass intended DM policy decisions by sending crafted Mattermost events missing channel type information to process restricted content. | ||||
| CVE-2026-53836 | 1 Openclaw | 1 Openclaw | 2026-06-12 | 8.8 High |
| OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in PowerShell encoded-command handling that allows attackers to execute encoded commands using abbreviated flag aliases not recognized by the allowlist parser. Remote authenticated operators can bypass execution allowlist checks by using unrecognized encoded-command alias forms to execute arbitrary PowerShell content. | ||||
| CVE-2026-53835 | 1 Openclaw | 1 Openclaw | 2026-06-12 | 4.3 Medium |
| OpenClaw before 2026.5.6 contains a configuration enforcement bypass vulnerability in Feishu dynamic-agent bindings that allows authenticated senders to create or update bindings without honoring configured config-write controls. Attackers can exploit this by leveraging the dynamic-agent binding feature to change sender-agent binding state beyond intended policy, potentially enabling unauthorized binding modifications. | ||||
| CVE-2026-53834 | 1 Openclaw | 1 Openclaw | 2026-06-12 | 7.5 High |
| OpenClaw before 2026.4.27 contains an authorization bypass vulnerability in QQBot pre-dispatch slash commands that allows authenticated senders to skip allowFrom policy checks. Attackers can invoke slash commands before configured access control policies are applied, potentially triggering command handling from blocked senders depending on operator configuration. | ||||
| CVE-2026-53832 | 1 Openclaw | 1 Openclaw | 2026-06-12 | 7.7 High |
| OpenClaw before 2026.5.18 contains an identity header validation vulnerability allowing local same-host callers to forge trusted-proxy identity headers. Attackers with access to the proxy-facing Gateway port can supply forged identity headers to assume operator identity and potentially escalate privileges. | ||||
| CVE-2026-53831 | 1 Openclaw | 1 Openclaw | 2026-06-12 | 8.3 High |
| OpenClaw before 2026.5.18 contains a policy enforcement vulnerability in system.run safe-bin allowlist validation that allows shell expansion to modify command interpretation on POSIX nodes. Authenticated operators can exploit shell metacharacters in approved commands to read unintended node-local files and expose sensitive configuration data. | ||||
| CVE-2026-53830 | 1 Openclaw | 1 Openclaw | 2026-06-12 | 6.5 Medium |
| OpenClaw before 2026.4.22 contains a webhook secret revocation bypass vulnerability allowing callers with old Slack and Zalo webhook secrets to remain active after secrets.reload. Attackers can exploit the stale-secret window to deliver webhook events after operator-expected secret revocation, potentially accepting previous credentials. | ||||
| CVE-2026-53829 | 1 Openclaw | 1 Openclaw | 2026-06-12 | 8 High |
| OpenClaw before 2026.5.18 contains an approval display truncation vulnerability allowing authenticated users to hide command suffixes from approvers. Attackers can submit oversized exec commands with benign prefixes and malicious suffixes to execute unauthorized operations after approval. | ||||
| CVE-2026-53828 | 1 Openclaw | 1 Openclaw | 2026-06-12 | 8.8 High |
| OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in native command handling that allows authenticated senders to execute owner-only commands without proper policy enforcement. Attackers can trigger native command handling to bypass the configured owner-command access control, potentially executing privileged commands from unauthorized users. | ||||
| CVE-2026-53827 | 1 Openclaw | 1 Openclaw | 2026-06-12 | 6.5 Medium |
| OpenClaw before 2026.5.2 contains a credential exposure vulnerability in message.action forwarding that allows model-controlled metadata to forward action payloads with Gateway credentials to attacker-supplied loopback URLs. Remote attackers can intercept Gateway tokens and action payloads by providing malicious loopback targets through model-controlled action metadata. | ||||
| CVE-2026-53826 | 1 Openclaw | 1 Openclaw | 2026-06-12 | 4.3 Medium |
| OpenClaw before 2026.4.26 contains an information disclosure vulnerability in sandboxed session spawning that exposes the real workspace path to child prompts. Attackers can exploit this by spawning child sessions from sandboxed parents to reveal host workspace location or related memory context to child models. | ||||
| CVE-2026-53825 | 1 Openclaw | 1 Openclaw | 2026-06-12 | 6.5 Medium |
| OpenClaw before 2026.4.7 contains an arbitrary file read vulnerability in the memory-wiki ingest feature that allows authenticated Gateway operators with operator.write scope to read local files outside intended ingest sources. Attackers with operator.write access can specify arbitrary local file paths to import file content into wiki memory, bypassing access restrictions. | ||||
| CVE-2026-53823 | 1 Openclaw | 1 Openclaw | 2026-06-12 | 8.1 High |
| OpenClaw before 2026.5.3 contains a privilege escalation vulnerability in the allowFrom feature that binds to mutable Slack display names. Attackers with Slack account access can change display name metadata to match policy entries, potentially gaining unauthorized agent access intended for other identities. | ||||