
Live CVE Feed
Curated from global sources like ENISA EUVD and CVE Details
- CVE-2026-9848 - WP Ticket <= 6.0.4 - Unauthenticated SQL Injection via WordPress Search 's' Parameter
CVE ID: CVE-2026-9848 | Published: June 13, 2026, 3:16 a.m. (1 hour, 44 minutes ago) | Description: The WP Ticket plugin for WordPress is vulnerable to SQL Injection via the WordPress search query parameter (`s`) in versions up to, and including, 6.0.4. The plugin hooks WordPress's `posts_request` filter with `wp_ticket_com_posts_request()`, which calls `emd_author_search_results()` when the current request is an unauthenticated front-end search. That function reads `$query->query_vars['s']`, which `WP_Query::parse_query()` has already passed through wp_unslash() (so the wp_magic_quotes protection has been stripped), and concatenates the raw value into a SQL `LIKE` clause inside a UNION sub-SELECT appended to the main query, with no `$wpdb->prepare()` or escaping. This makes it possible for unauthenticated attackers to append additional SQL queries to already-existing queries and extract sensitive information from the database. Severity: 7.5 | HIGH. Visit the link for more details, such as CVSS details, affected products, timeline, and more...
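The injection shape the advisory describes, reproduced as an added example (this is not WP Ticket's code): a safely bound main query, a UNION sub-SELECT appended by a filter that concatenates the raw search term into its `LIKE` clause, and the same query with both patterns bound and `LIKE` metacharacters escaped (the job `$wpdb->prepare()` plus `$wpdb->esc_like()` does in WordPress). The tables, rows, and payload are constructed for the demonstration and run against an in-memory SQLite database.

```python
# Added example, not WP Ticket's code: the injection shape the advisory describes,
# reproduced against an in-memory SQLite database beside the parameterised form.
# Table names, rows, payload and the exact SQL are constructed for the demonstration.
import sqlite3

SCHEMA = """
CREATE TABLE tickets (id INTEGER PRIMARY KEY, title TEXT);
CREATE TABLE ticket_authors (ticket_id INTEGER, author_name TEXT);
CREATE TABLE users (id INTEGER PRIMARY KEY, user_login TEXT, user_pass TEXT);
INSERT INTO tickets VALUES (1, 'printer jammed'), (2, 'vpn login fails');
INSERT INTO ticket_authors VALUES (1, 'alice'), (2, 'bob');
INSERT INTO users VALUES (1, 'admin', '$P$B-constructed-hash');
"""

def open_db():
    """Fresh in-memory database holding the constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def search_vulnerable(db, s):
    """The main query binds its pattern; the appended UNION sub-SELECT concatenates
    the raw search term into its LIKE clause, which is the flaw described above."""
    main = "SELECT id, title FROM tickets WHERE title LIKE ?"
    appended = (
        " UNION SELECT id, title FROM tickets WHERE id IN ("
        "SELECT ticket_id FROM ticket_authors WHERE author_name LIKE '%" + s + "%')"
    )
    return db.execute(main + appended, ("%" + s + "%",)).fetchall()

def escape_like(s):
    """Escape LIKE metacharacters so the term can only match literally."""
    return s.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")

def search_parameterised(db, s):
    """Same query shape with both LIKE patterns bound as parameters."""
    like = "%" + escape_like(s) + "%"
    sql = (
        "SELECT id, title FROM tickets WHERE title LIKE ? ESCAPE '\\'"
        " UNION SELECT id, title FROM tickets WHERE id IN ("
        "SELECT ticket_id FROM ticket_authors WHERE author_name LIKE ? ESCAPE '\\')"
    )
    return db.execute(sql, (like, like)).fetchall()

# Constructed payload: closes the LIKE string and the sub-SELECT, appends a UNION
# that pulls rows from a table the search was never meant to touch, and comments
# out the rest of the original statement.
PAYLOAD = "') UNION SELECT id, user_pass FROM users -- "

def leaked_hashes(rows):
    """Password hashes that ended up in a search result (marker prefix '$P$')."""
    return [title for _, title in rows if str(title).startswith("$P$")]

if __name__ == "__main__":
    db = open_db()
    print("vulnerable:", leaked_hashes(search_vulnerable(db, PAYLOAD)))
    print("parameterised:", leaked_hashes(search_parameterised(db, PAYLOAD)))
```

The vulnerable form returns the `users` row alongside the ticket rows because the attacker-controlled text becomes part of the compound SELECT; the parameterised form treats the whole string as a pattern and returns nothing. Note that binding alone is not enough for `LIKE`: without `escape_like`, a `%` or `_` in the term still changes what matches.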
- CVE-2026-54228 - Abrt: TOCTOU race condition in abrt-dbus SetElement allows arbitrary file writes to dump directories
CVE ID: CVE-2026-54228 | Published: June 13, 2026, 3:16 a.m. (1 hour, 44 minutes ago) | Description: A time-of-check time-of-use (TOCTOU) race condition was found in the abrt-dbus D-Bus service's SetElement method. Between dump directory creation and post-create event execution, any local user can call SetElement to write arbitrary text files into the root-owned dump directory, bypassing package validation and allowing crashes of unpackaged binaries to survive post-create processing. Severity: 7.8 | HIGH
- CVE-2026-54229 - Abrt: ChownProblemDir succeeds during active post-create event processing due to inadequate locking
CVE ID: CVE-2026-54229 | Published: June 13, 2026, 3:16 a.m. (1 hour, 44 minutes ago) | Description: A race condition was found in the abrt-dbus D-Bus service's ChownProblemDir method. ChownProblemDir opens the dump directory with DD_OPEN_READONLY and calls dd_chown to change ownership of all files to the caller's uid, succeeding even while post-create event handlers hold a write lock. This allows an attacker to gain filesystem-level control of the dump directory while privileged event scripts are still running. Severity: 7.0 | HIGH
- CVE-2026-54230 - Abrt: event handler scripts follow symlinks when writing output files, allowing arbitrary file overwrites
CVE ID: CVE-2026-54230 | Published: June 13, 2026, 3:16 a.m. (1 hour, 44 minutes ago) | Description: A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport. Event scripts write output files using shell redirections without the O_NOFOLLOW flag. If the target file is replaced with a symlink, the shell process running as root follows the symlink and writes content to the symlink target, allowing arbitrary file overwrites on the system. Severity: 7.0 | HIGH
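As an added example (not libreport's scripts), the two behaviours side by side: a writer that creates its output file the way a shell `>` redirection does, and one that opens the file relative to the dump directory's file descriptor with `O_NOFOLLOW`. A plain shell redirection cannot set `O_NOFOLLOW`, which is why the fix has to live in how the script creates the file rather than in the redirection itself. Everything runs in a temporary directory as an unprivileged user; the "victim" file is a constructed stand-in for a system file.

```python
# Added example, not libreport's event scripts: a privileged-style writer that
# follows a symlink planted in its output directory, beside one that opens with
# O_NOFOLLOW relative to a directory file descriptor. All paths are created in a
# temporary directory; the "victim" file stands in for an arbitrary system file,
# and nothing here needs root.
import errno
import os
import tempfile

def write_following(dump_dir, name, data):
    """Shell-redirection style: open(2) with O_CREAT|O_TRUNC, which follows symlinks."""
    with open(os.path.join(dump_dir, name), "w") as f:
        f.write(data)

def write_nofollow(dump_dir, name, data):
    """Open the output relative to the dump directory's fd (so the directory path
    cannot be swapped underneath us) and with O_NOFOLLOW, which makes open(2)
    fail with ELOOP if the final component is a symbolic link."""
    dfd = os.open(dump_dir, os.O_RDONLY | os.O_DIRECTORY)
    try:
        flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | os.O_NOFOLLOW
        fd = os.open(name, flags, 0o600, dir_fd=dfd)
        try:
            os.write(fd, data.encode())
        finally:
            os.close(fd)
    finally:
        os.close(dfd)

def run_attack(writer):
    """Plant a symlink where the script expects to create its output file, run the
    writer as the root process would, and report what happened to the victim.
    Returns (victim_contents_after, refused_with_ELOOP)."""
    with tempfile.TemporaryDirectory() as tmp:
        dump_dir = os.path.join(tmp, "ccpp-2026-06-13-4242")  # constructed name
        os.mkdir(dump_dir)
        victim = os.path.join(tmp, "victim")  # constructed stand-in for a system file
        with open(victim, "w") as f:
            f.write("original contents\n")
        os.symlink(victim, os.path.join(dump_dir, "journal_output"))
        refused = False
        try:
            writer(dump_dir, "journal_output", "attacker-chosen contents\n")
        except OSError as e:
            refused = e.errno == errno.ELOOP
        with open(victim) as f:
            return f.read(), refused

if __name__ == "__main__":
    print(run_attack(write_following))   # victim overwritten, not refused
    print(run_attack(write_nofollow))    # victim intact, refused with ELOOP
```

`O_NOFOLLOW` only covers the last path component, which is why the hardened writer also resolves the name against a directory descriptor it opened itself: a symlink swapped in for a parent directory would otherwise still be followed.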
- CVE-2026-54231 - Abrt: unsanitized systemd journal content written to dump directory files enables content injection
CVE ID: CVE-2026-54231 | Published: June 13, 2026, 3:16 a.m. (1 hour, 44 minutes ago) | Description: A content injection vulnerability was found in the ABRT post-create event handler scripts in libreport. The event script queries the systemd journal for log entries matching the crashed process and writes the results to files in the dump directory without sanitizing embedded control characters. A local user can inject arbitrary content into the journal output by embedding newline characters in syslog messages, controlling the content that root writes to dump directory files. Severity: 5.5 | MEDIUM
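What the newline does to a consumer of the written file, as an added example (not libreport's event script): journal entries are exported as one `FIELD=value` line each, a later step reads the file back as fields, and an unprivileged user's message containing a newline turns into extra fields that look as if root wrote them. The entries, the export format and the field names `executable` and `pkg_name` are constructed for the demonstration; the sanitiser escapes every control character so a value can never start a new line.

```python
# Added example, not libreport's event script: text pulled from the journal and
# written verbatim into a key=value file that something else parses later, beside
# a sanitiser that keeps each value on its own line. The journal entries and the
# "FIELD=value per line" export format are constructed for the demonstration.

# Constructed journal entries matched for the crashed process. The last one was
# logged by an unprivileged local user whose message embeds a newline followed by
# lines that look like fields written by the event script itself.
ENTRIES = [
    {"_PID": "4242", "_COMM": "demo", "MESSAGE": "demo[4242]: segfault at 0 ip 0x401136"},
    {"_PID": "4242", "_COMM": "demo", "MESSAGE": "demo[4242]: exiting"},
    {"_PID": "4242", "_COMM": "demo",
     "MESSAGE": "harmless\nexecutable=/usr/bin/totally-packaged\npkg_name=coreutils"},
]

def sanitize(value):
    """Escape every control character (0x00-0x1f, 0x7f) as \\xNN so the value can
    neither start a new line nor carry a terminal escape sequence."""
    out = []
    for ch in value:
        code = ord(ch)
        out.append("\\x%02x" % code if code < 0x20 or code == 0x7f else ch)
    return "".join(out)

def export(entries, sanitize_values):
    """Write the journal fields in the constructed dump-directory file format."""
    lines = []
    for entry in entries:
        for key, value in entry.items():
            lines.append("%s=%s" % (key, sanitize(value) if sanitize_values else value))
    return "\n".join(lines) + "\n"

def parse_fields(text):
    """The consumer's view: read the file back as FIELD=value lines, last wins."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        if sep:
            fields[key] = value
    return fields

if __name__ == "__main__":
    print(parse_fields(export(ENTRIES, False)))  # attacker-supplied 'executable' and 'pkg_name' appear
    print(parse_fields(export(ENTRIES, True)))   # only the journal's own keys remain
```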
- CVE-2026-12089 - LWS Optimize – All-in-One Speed Booster & Cache Tools <= 3.3.19 - Authenticated (Editor+) Arbitrary File Read
CVE ID: CVE-2026-12089 | Published: June 13, 2026, 3:16 a.m. (1 hour, 44 minutes ago) | Description: The LWS Optimize – All-in-One Speed Booster & Cache Tools plugin for WordPress is vulnerable to Arbitrary File Read in versions up to, and including, 3.3.19. This is due to the combine_current_css() function trusting values harvested from page HTML and converting same-site URLs to absolute filesystem paths before reading them with file_get_contents()/Minify\CSS::add(), without enforcing that the resolved path stays within ABSPATH or has a .css extension. This makes it possible for authenticated attackers, with Editor-level access and above, to read arbitrary files. Severity: 4.9 | MEDIUM
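The URL-to-path step described above with and without the two missing checks, as an added example (not the plugin's code): the candidate path is canonicalised with `realpath`, rejected unless it stays under the web root, and rejected unless it names an existing `.css` file. The site origin, the web root layout and the "secret" file outside it are constructed in a temporary directory.

```python
# Added example, not LWS Optimize's code: mapping a same-site URL onto a file under
# the web root, first the way the advisory describes (no containment, no
# extension check) and then with both checks. ABSPATH, the site origin and the
# file layout are constructed in a temporary directory.
import os
import tempfile
from urllib.parse import urlsplit, unquote

SITE_ORIGIN = "https://example.test"  # constructed

def resolve_css_path(abspath, url, check=True):
    """Map a same-site URL to a filesystem path under ABSPATH.

    check=False reproduces the vulnerable behaviour: strip the origin, join the
    URL path onto ABSPATH and hand it to the reader as-is, so '..' segments and
    non-CSS targets go through. check=True canonicalises the path and returns
    None unless it stays under ABSPATH and names an existing .css file."""
    parts = urlsplit(url)
    if parts.scheme and "%s://%s" % (parts.scheme, parts.netloc) != SITE_ORIGIN:
        return None  # cross-origin: not a local file at all
    rel = unquote(parts.path).lstrip("/")
    candidate = os.path.normpath(os.path.join(abspath, rel))
    if not check:
        return candidate
    root = os.path.realpath(abspath)
    real = os.path.realpath(candidate)  # collapses '..' and follows symlinks
    if os.path.commonpath([root, real]) != root:
        return None
    if not real.endswith(".css") or not os.path.isfile(real):
        return None
    return real

def read_stylesheet(abspath, url, check=True):
    """What file_get_contents() would see, or None if the path was rejected."""
    path = resolve_css_path(abspath, url, check)
    if path is None or not os.path.isfile(path):
        return None
    with open(path) as f:
        return f.read()

def make_site():
    """Constructed layout: <tmp>/htdocs is ABSPATH with one stylesheet; a
    secrets file sits one level above the web root. Returns (abspath, tmpdir)."""
    tmp = tempfile.mkdtemp()
    abspath = os.path.join(tmp, "htdocs")
    os.makedirs(os.path.join(abspath, "wp-content", "themes", "demo"))
    with open(os.path.join(abspath, "wp-content", "themes", "demo", "style.css"), "w") as f:
        f.write("body { margin: 0 }\n")
    with open(os.path.join(tmp, "secrets.php"), "w") as f:
        f.write("<?php define('DB_PASSWORD', 'constructed');\n")
    return abspath, tmp

if __name__ == "__main__":
    abspath, _ = make_site()
    print(read_stylesheet(abspath, SITE_ORIGIN + "/wp-content/themes/demo/style.css"))
    print(read_stylesheet(abspath, SITE_ORIGIN + "/../secrets.php", check=False))  # leaks
    print(read_stylesheet(abspath, SITE_ORIGIN + "/../secrets.php"))               # None
```

The containment test compares canonical paths, so percent-encoded `..` segments and symlinks inside the web root are handled by the same line; a prefix comparison on the raw string would not be.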
- CVE-2026-11443 - Allegra downloadAttachment Cross-Site Scripting Authentication Bypass Vulnerability
CVE ID: CVE-2026-11443 | Published: June 13, 2026, 12:16 a.m. (4 hours, 44 minutes ago) | Description: Allegra downloadAttachment Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to execute arbitrary script on affected installations of Allegra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the downloadAttachment method. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of arbitrary script. An attacker can leverage this vulnerability to execute script in the context of the current user. Was ZDI-CAN-28236. Severity: 4.6 | MEDIUM
- CVE-2026-11442 - Allegra exportReport Directory Traversal Information Disclosure Vulnerability
CVE ID: CVE-2026-11442 | Published: June 13, 2026, 12:16 a.m. (4 hours, 44 minutes ago) | Description: Allegra exportReport Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the exportReport method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of the service account. Was ZDI-CAN-28208. Severity: 6.5 | MEDIUM
- CVE-2026-6676 - Avira antivirus engine heap buffer OOB write when scanning a malformed POSIX tar archive
CVE ID: CVE-2026-6676 | Published: June 12, 2026, 11:16 p.m. (5 hours, 43 minutes ago) | Description: Heap buffer out-of-bounds write vulnerability in the Avira Antivirus engine when scanning a malformed POSIX tar archive may allow local code execution or denial of service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.27.12. Severity: 7.8 | HIGH
- CVE-2026-12068 - Avira Password Manager credential disclosure via cross-origin autofill in Firefox
CVE ID: CVE-2026-12068 | Published: June 12, 2026, 11:16 p.m. (5 hours, 44 minutes ago) | Description: Information disclosure vulnerability in Avira Password Manager when used with Mozilla Firefox may allow a remote attacker operating a cross-origin iframe to obtain credentials autofilled for the parent web page via incorrect autofill field selection. This issue affects Avira Password Manager when used with Mozilla Firefox on Windows, macOS, and Linux. Severity: 7.4 | HIGH
- PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data | June 12, 2026 at 7:26 pm
"While several organizations successfully blocked the activity or remediated the vulnerabilities, others experienced compromise, resulting in stolen data being published on the ShinyHunters DLS," Mand ... Published Date: Jun 12, 2026 (10 hours, 6 minutes ago). Vulnerabilities mentioned in this article: CVE-2026-35273
- China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade | June 12, 2026 at 6:17 pm
Instead of hiding on the laptops and servers defenders watch most closely, a China-nexus group spent close to a decade hidden inside the Linux login system itself. Sygnia, which tracks the group as Ve ... Published Date: Jun 12, 2026 (11 hours, 15 minutes ago). Vulnerabilities mentioned in this article: CVE-2026-11645 CVE-2026-20230 CVE-2026-23479 CVE-2024-20399
- LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution | June 12, 2026 at 9:50 am
Cybersecurity researchers have disclosed details of three now-patched security flaws impacting LangGraph, including a critical vulnerability chain that could result in remote code execution. LangGraph ... Published Date: Jun 12, 2026 (19 hours, 42 minutes ago). Vulnerabilities mentioned in this article: CVE-2026-11645 CVE-2026-20230 CVE-2026-23479 CVE-2026-28277 CVE-2026-27022 CVE-2025-67644
- 'ShinyHunters has been exploiting a zero-day in Oracle PeopleSoft since 27 May' | June 12, 2026 at 8:33 am
The criminal group ShinyHunters has been exploiting, since 27 May, a critical vulnerability in Oracle PeopleSoft for which no patch was available at the time of the attacks, ... Published Date: Jun 12, 2026 (20 hours, 59 minutes ago). Vulnerabilities mentioned in this article: CVE-2026-35273
- Oracle PeopleSoft Zero-Day Exploited by ShinyHunters, 100+ Organizations Breached | June 12, 2026 at 2:08 am
CVE-2026-35273 | CVSS 9.8 | Critical | Zero-Day | Active Exploitation. Overview: Oracle's PeopleSoft enterprise platform has been the target of a large-scale, coordinated mass-compromise campaign carried ... Published Date: Jun 12, 2026 (1 day, 3 hours ago). Vulnerabilities mentioned in this article: CVE-2026-35273
- ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities | June 11, 2026 at 8:29 pm
The ShinyHunters extortion crew exploited an unpatched flaw in Oracle PeopleSoft to break into enterprise systems, steal data, and demand payment to keep it private. The campaign hit universities hard ... Published Date: Jun 11, 2026 (1 day, 9 hours ago). Vulnerabilities mentioned in this article: CVE-2026-35273 CVE-2026-11645 CVE-2026-20230 CVE-2026-23479
- New GreatXML Exploit Bypasses Windows BitLocker via Recovery Partition XML Files | June 11, 2026 at 5:43 pm
Security researcher Chaotic Eclipse (aka Nightmare-Eclipse and MSNightmare) has released a new Windows BitLocker bypass dubbed GreatXML, a day after they published an exploit for Microsoft Defender. " ... Published Date: Jun 11, 2026 (1 day, 11 hours ago). Vulnerabilities mentioned in this article: CVE-2026-11645 CVE-2026-20230 CVE-2026-45585 CVE-2026-23479
- The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm | June 11, 2026 at 4:50 pm
A new analysis of The Gentlemen operation has revealed that the financially motivated threat group initially operated as an affiliate responsible for conducting double extortion attacks, while leverag ... Published Date: Jun 11, 2026 (1 day, 12 hours ago). Vulnerabilities mentioned in this article: CVE-2026-11645 CVE-2026-20230 CVE-2026-23479 CVE-2025-33073 CVE-2025-32433 CVE-2024-55591
- Ivanti June 2026 Vulnerability Advisory Deep Dive | June 11, 2026 at 3:25 pm
CVE-2026-10520 | Ivanti Sentry | CVSS 10.0, OS Command Injection. Vulnerability class: CWE-78, OS Command Injection. Attack vector: Network | No authentication | No user interaction. The flaw resides in t ... Published Date: Jun 11, 2026 (1 day, 14 hours ago). Vulnerabilities mentioned in this article: CVE-2026-10727 CVE-2026-10523 CVE-2026-10520 CVE-2026-6973 CVE-2026-1340 CVE-2026-1281
- ShinyHunters Targets Education Sector with Oracle PeopleSoft Exploit | June 11, 2026 at 2:00 pm
Introduction: Mandiant and Google Threat Intelligence Group (GTIG) have identified an active compromise and extortion campaign attributed to UNC6240 (ShinyHunters) targeting Oracle PeopleSoft applicati ... Published Date: Jun 11, 2026 (1 day, 15 hours ago). Vulnerabilities mentioned in this article: CVE-2026-35273
- ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Action Patch + 28 New Stories | June 11, 2026 at 1:20 pm
It's been one of those weeks. You expect the usual noise: recycled malware, sloppy attacks, another easy target getting hit. Instead, there's a supply chain attack kit in a public repo, a $5,000-a-mon ... Published Date: Jun 11, 2026 (1 day, 16 hours ago). Vulnerabilities mentioned in this article: CVE-2026-11645 CVE-2026-49494 CVE-2026-20230 CVE-2026-23479
- Time4Popcorn flaw lets attackers install malicious updates on users' systems | June 11, 2026 at 12:44 pm
A vulnerability in the Time4Popcorn software makes it possible for attackers to install malicious updates on users' systems and thereby infect them with malware. The software is not ... Published Date: Jun 11, 2026 (1 day, 16 hours ago).
- ShinyHunters claims data theft from hundreds of Oracle PeopleSoft servers | June 11, 2026 at 11:26 am
The criminal group ShinyHunters claims to have stolen data from hundreds of Oracle PeopleSoft servers, according to a security researcher on X. The attacks are directed at both ... Published Date: Jun 11, 2026 (1 day, 18 hours ago). Vulnerabilities mentioned in this article: CVE-2026-35273
- Vulnerability in Golem OEE MES software | June 11, 2026 at 10:55 am
CVE ID: CVE-2026-8464. Publication date: 11 June 2026. Vendor: Neuron Soft. Product: Golem OEE MES. Vulnerable versions: all before 11.6.0. Vulnerability type (CWE): Impro ... Published Date: Jun 11, 2026 (1 day, 18 hours ago).
- Large-scale exploitation of new Ivanti Sentry vulnerability reported | June 11, 2026 at 7:29 am
Attackers are exploiting a critical vulnerability in Ivanti Sentry on a large scale, planting backdoors on the affected servers, The Shadowserver Foundation warns on the basis of its own ... Published Date: Jun 11, 2026 (1 day, 22 hours ago). Vulnerabilities mentioned in this article: CVE-2026-10520
- Oracle releases emergency patch for critical RCE flaw in PeopleSoft | June 11, 2026 at 7:15 am
Oracle has released an out-of-band emergency patch for a critical vulnerability in PeopleSoft Enterprise PeopleTools that allows remote code execution (RCE). Organisations ... Published Date: Jun 11, 2026 (1 day, 22 hours ago). Vulnerabilities mentioned in this article: CVE-2026-35273
- ServiceNow Flaw Exploited by Threat Actors to Access Customer Instances | June 11, 2026 at 6:53 am
A recently disclosed ServiceNow flaw has come under scrutiny after the company confirmed that unknown threat actors exploited the vulnerability to gain unauthorized access to a number of customer inst ... Published Date: Jun 11, 2026 (1 day, 22 hours ago). Vulnerabilities mentioned in this article: CVE-2026-41940
- CISA Sets 72-Hour Patch Window for Federal Systems Facing Highest Cyber Risks | June 11, 2026 at 6:02 am
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has introduced a new risk-based approach to vulnerability remediation, requiring federal civilian agencies to patch the most dangerous ... Published Date: Jun 11, 2026 (1 day, 23 hours ago). Vulnerabilities mentioned in this article: CVE-2026-20245 CVE-2024-37079
- CISA KEV Update: Cisco Catalyst SD-WAN, Google Chrome V8 & Arista EOS | June 10, 2026 at 5:13 pm
CISA added three new vulnerabilities to its Known Exploited Vulnerabilities catalog on June 9, 2026: CVE-2026-20245 (Cisco Catalyst SD-WAN Manager), CVE-2026-11645 (Google Chromium V8), and CVE-2026-7 ... Published Date: Jun 10, 2026 (2 days, 12 hours ago). Vulnerabilities mentioned in this article: CVE-2026-11688 CVE-2026-11662 CVE-2026-11650 CVE-2026-11649 CVE-2026-11645 CVE-2026-7473 CVE-2026-20245 CVE-2026-28318 CVE-2026-20182 CVE-2026-20127
- China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance | June 10, 2026 at 4:08 pm
Cybersecurity researchers have warned of a "resurgence and expansion" of JDY, a covert network associated with China-nexus state-sponsored threat actors. "The JDY botnet comprises over 1,500 SOHO [sma ... Published Date: Jun 10, 2026 (2 days, 13 hours ago). Vulnerabilities mentioned in this article: CVE-2026-11645 CVE-2026-20230 CVE-2026-23479 CVE-2026-35616
- Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities | June 10, 2026 at 3:10 pm
Fortinet, Ivanti, and SAP have released security updates to address multiple critical security vulnerabilities that could result in arbitrary code execution and information disclosure. The security fl ... Published Date: Jun 10, 2026 (2 days, 14 hours ago). Vulnerabilities mentioned in this article: CVE-2026-25089 CVE-2026-10523 CVE-2026-10520 CVE-2026-44748 CVE-2026-40128 CVE-2026-27671 CVE-2026-11645 CVE-2026-20230 CVE-2026-23479 CVE-2026-22732
- Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE | June 10, 2026 at 3:00 pm
A high-severity unpatched security flaw in Langflow, an open-source low-code platform to build artificial intelligence (AI) applications, has come under active exploitation in the wild, according to f ... Published Date: Jun 10, 2026 (2 days, 14 hours ago). Vulnerabilities mentioned in this article: CVE-2026-11645 CVE-2026-20230 CVE-2026-23479 CVE-2026-5027 CVE-2026-33017 CVE-2026-0770 CVE-2026-21445 CVE-2025-34291
- CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation | June 10, 2026 at 2:44 pm
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitati ... Published Date: Jun 10, 2026 (2 days, 14 hours ago). Vulnerabilities mentioned in this article: CVE-2026-11645 CVE-2026-7473 CVE-2026-20245 CVE-2026-20230 CVE-2026-23479
- Microsoft releases update for actively exploited XSS flaw in Exchange Server | June 10, 2026 at 2:22 pm
Microsoft has released a security update for an actively exploited cross-site scripting (XSS) flaw in Exchange Server and urges organisations and administrators to apply the patch as soon as ... Published Date: Jun 10, 2026 (2 days, 15 hours ago). Vulnerabilities mentioned in this article: CVE-2026-42897
- OpenSSL flaw found with AI could potentially lead to remote code execution | June 10, 2026 at 12:50 pm
A security researcher has, with the help of AI, found a vulnerability in OpenSSL that in certain cases could potentially lead to remote code execution, the development team reports. There ... Published Date: Jun 10, 2026 (2 days, 16 hours ago). Vulnerabilities mentioned in this article: CVE-2026-45447
Severity: High
- CVE-2026-53868 - Capgo < 12.128.2 - Denial of Service via Unverified Email Account Registration and Deletion
CVE ID: CVE-2026-53868 | Published: June 12, 2026, 10:16 p.m. (8 hours, 6 minutes ago) | Description: Capgo before 12.128.2 contains a denial of service vulnerability allowing attackers to register accounts using arbitrary email addresses without verification, then initiate deletion to lock those emails in a pending-deletion state. Attackers can lock legitimate users out of the platform for 30 days by exploiting unverified email ownership in account lifecycle operations. Severity: 8.7 | HIGH
- CVE-2026-53834 - OpenClaw < 2026.4.27 - Authorization Bypass in QQBot Pre-dispatch Slash Commands
CVE ID: CVE-2026-53834 | Published: June 12, 2026, 10:16 p.m. (8 hours, 6 minutes ago) | Description: OpenClaw before 2026.4.27 contains an authorization bypass vulnerability in QQBot pre-dispatch slash commands that allows authenticated senders to skip allowFrom policy checks. Attackers can invoke slash commands before configured access control policies are applied, potentially triggering command handling from blocked senders depending on operator configuration. Severity: 8.2 | HIGH
- CVE-2026-53836 - OpenClaw < 2026.5.12 - Allowlist Bypass via PowerShell Encoded-Command Aliases
CVE ID: CVE-2026-53836 | Published: June 12, 2026, 10:16 p.m. (8 hours, 6 minutes ago) | Description: OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in PowerShell encoded-command handling that allows attackers to execute encoded commands using abbreviated flag aliases not recognized by the allowlist parser. Remote authenticated operators can bypass execution allowlist checks by using unrecognized encoded-command alias forms to execute arbitrary PowerShell content. Severity: 8.8 | HIGH
- CVE-2026-53838 - OpenClaw < 2026.5.27 - Node Pairing State Mutation via Reconnection
CVE ID: CVE-2026-53838 | Published: June 12, 2026, 10:16 p.m. (8 hours, 6 minutes ago) | Description: OpenClaw before 2026.5.27 contains a state mutation vulnerability in node pairing reconnection that allows paired nodes to confuse approval scope decisions. Attackers can exploit the reconnection logic to restore or present broader node authority than intended, potentially bypassing approval restrictions. Severity: 9.8 | CRITICAL
- CVE-2026-53828 - OpenClaw < 2026.5.6 - Native Command Authorization Bypass via Owner-Command Enforcement
CVE ID: CVE-2026-53828 | Published: June 12, 2026, 10:16 p.m. (8 hours, 6 minutes ago) | Description: OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in native command handling that allows authenticated senders to execute owner-only commands without proper policy enforcement. Attackers can trigger native command handling to bypass the configured owner-command access control, potentially executing privileged commands from unauthorized users. Severity: 8.8 | HIGH
- CVE-2026-53829 - OpenClaw < 2026.5.18 - Command Truncation in Exec Approval Display
CVE ID: CVE-2026-53829 | Published: June 12, 2026, 10:16 p.m. (8 hours, 6 minutes ago) | Description: OpenClaw before 2026.5.18 contains an approval display truncation vulnerability allowing authenticated users to hide command suffixes from approvers. Attackers can submit oversized exec commands with benign prefixes and malicious suffixes to execute unauthorized operations after approval. Severity: 8.5 | HIGH
- CVE-2026-53831 - OpenClaw < 2026.5.18 - Arbitrary File Read via Shell Expansion in system.run Safe-bin Allowlist
CVE ID: CVE-2026-53831 | Published: June 12, 2026, 10:16 p.m. (8 hours, 6 minutes ago) | Description: OpenClaw before 2026.5.18 contains a policy enforcement vulnerability in system.run safe-bin allowlist validation that allows shell expansion to modify command interpretation on POSIX nodes. Authenticated operators can exploit shell metacharacters in approved commands to read unintended node-local files and expose sensitive configuration data. Severity: 8.3 | HIGH
- CVE-2026-53821 - OpenClaw < 2026.5.18 - Scope Elevation in trusted-proxy Control UI WebSocket
CVE ID: CVE-2026-53821 | Published: June 12, 2026, 10:16 p.m. (8 hours, 6 minutes ago) | Description: OpenClaw before 2026.5.18 accepts WebSocket client-declared operator scopes before binding them to the server-approved pairing or trusted-proxy authorization baseline. Unpaired or restricted trusted-proxy Control UI clients can obtain cached operator.admin authority on live WebSocket connections and execute admin-gated Gateway RPCs. Severity: 8.8 | HIGH
- CVE-2026-53822 - OpenClaw < 2026.5.18 - Command Argument Modification via Shell Wrapper Between Approval and Execution
CVE ID: CVE-2026-53822 | Published: June 12, 2026, 10:16 p.m. (8 hours, 6 minutes ago) | Description: OpenClaw before 2026.5.18 contains a command injection vulnerability where the shell wrapper argv could change between approval and execution. Attackers can rebuild command arguments after allowlist approval to execute unapproved command shapes, potentially bypassing security controls. Severity: 8.8 | HIGH
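One design that closes both the truncated-display entry (CVE-2026-53829) and the rebuilt-argv entry (CVE-2026-53822) above, as an added example (not OpenClaw's code): the approval record binds the decision to a digest of the exact argv vector, the review text always carries the full length, element count and digest so a cut-off preview cannot pass for the whole command, and execution refuses any vector that is not byte-for-byte the approved one, which rules out re-splitting through `sh -c`. The display width, record format and sample commands are constructed.

```python
# Added example, not OpenClaw's code: an exec approval bound to the exact argv
# vector, so neither a suffix the review UI truncated nor arguments a shell
# wrapper rebuilt after approval can run under that approval. The display width,
# record format and sample commands are constructed for the demonstration.
import hashlib

DISPLAY_WIDTH = 48  # constructed: how much of the command the review UI shows

def canonical_digest(argv):
    """SHA-256 over length-prefixed elements, so ['rm -rf', '/'] and
    ['rm', '-rf', '/'] hash differently and no element can smuggle a separator."""
    h = hashlib.sha256()
    for arg in argv:
        raw = arg.encode("utf-8")
        h.update(len(raw).to_bytes(4, "big"))
        h.update(raw)
    return h.hexdigest()

def render_for_approver(argv):
    """Preview plus total length, element count and digest: a truncated preview
    is visibly truncated and the approver can compare the digest out of band."""
    text = " ".join(argv)
    shown = text
    if len(text) > DISPLAY_WIDTH:
        shown = text[:DISPLAY_WIDTH] + " ...[%d more chars]" % (len(text) - DISPLAY_WIDTH)
    return "%s\n  argc=%d len=%d sha256=%s" % (
        shown, len(argv), len(text), canonical_digest(argv)[:16])

def approve(argv):
    """Approval record: the argv exactly as decided on and its digest. Nothing
    derived from re-parsing a command string is stored."""
    return {"argv": list(argv), "digest": canonical_digest(argv)}

def is_authorized(approval, argv_at_exec):
    """True only if the vector presented at execution time is the approved one."""
    return canonical_digest(argv_at_exec) == approval["digest"]

def authorized_argv(approval, argv_at_exec):
    """Return the argv to hand straight to execve (no shell in between), or raise."""
    if not is_authorized(approval, argv_at_exec):
        raise PermissionError("argv does not match the approved command")
    return list(approval["argv"])

# Constructed scenario 1: benign prefix, long middle, destructive suffix that sits
# past the preview width (--remove-files deletes inputs after archiving them).
LONG_ARGV = ["tar", "-czf", "/tmp/backup-" + "x" * 60 + ".tgz", "/home", "--remove-files"]
# Constructed scenario 2: approved as a vector, then rebuilt through a shell wrapper.
APPROVED = ["grep", "-r", "TODO", "src"]
REBUILT = ["sh", "-c", "grep -r TODO src"]

if __name__ == "__main__":
    print(render_for_approver(LONG_ARGV))
    rec = approve(APPROVED)
    print(authorized_argv(rec, APPROVED))   # runs as approved
    print(is_authorized(rec, REBUILT))      # False: refused
```

Executing the stored vector without a shell is the second half of the fix: once arguments are no longer re-interpreted by `sh`, there is nothing for a wrapper to rebuild and no metacharacter to expand.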
- CVE-2026-53823 - OpenClaw < 2026.5.3 - Privilege Escalation via Mutable Slack Display Names in allowFrom
CVE ID: CVE-2026-53823 | Published: June 12, 2026, 10:16 p.m. (8 hours, 6 minutes ago) | Description: OpenClaw before 2026.5.3 contains a privilege escalation vulnerability in the allowFrom feature that binds to mutable Slack display names. Attackers with Slack account access can change display name metadata to match policy entries, potentially gaining unauthorized agent access intended for other identities. Severity: 8.6 | HIGH
News & Events
- NIST Mathematical Proof Supports Transition to a Continuous-Monitor-and-Update Security Model for AI Systems
The proof extends to AI the logic used by famed mathematician Kurt Gödel, whose incompleteness theorems have had a profound effect on math for nearly a century.
- NIST Expands Its Library of ‘Chemical Fingerprints’ to Identify Unknown Substances
Researchers and manufacturers rely on the library to identify unknown compounds in food, drugs, cosmetics, the environment, body fluids, forensic evidence and even space rocks.
- NIST Researchers Discover a New Way to Whisk Alloys Together With Lasers
NIST also improved how X-rays are used to study the atomic structure of metals in real time during 3D printing, allowing researchers to observe how materials change under extreme conditions.
- New AI Model Shows How to Evacuate for Fires One Safe Step at a Time
A NIST-led team has created a new AI model that can identify safe evacuation routes in a single-story floor plan during a fire, with a multilevel version in the works.
- NIST Expands AI Consortium’s Scope, Calls for New Members
The consortium will focus on AI innovation and adoption, with six task groups concentrating on different aspects of AI measurement science and evaluation.
- Shooting for the Moon: Ultrastable Lasers in Dark Craters Could Enable Lunar Navigation, Precision Timekeeping, New Science
Lunar craters in permanent shadow could be ideal locations for building the most stable optical lasers ever made.
- Wear and Tear Changes Measurable PFAS Levels in Firefighter Hoods, Gloves and Wildland Gear
In the fourth of an ongoing series of reports, NIST shows that wear and tear increased the levels of PFAS found in hoods and gloves.
- NIST Weighs In on the Mystery of the Gravitational Constant
A NIST researcher has unveiled the results of a 10-year quest to measure the constant.
- Any Color You Like: NIST Scientists Create ‘Any Wavelength’ Lasers in Tiny Circuits for Light
NIST scientists and collaborators have pioneered a way to make integrated circuits for light by depositing complex patterns of specialized materials onto silicon wafers.
- NIST Researchers Develop Photonic Chip Packaging That Can Withstand Extreme Environments
The advance could allow these technologies to operate in deep-space probes, inside nuclear reactors, in ultrahigh vacuum systems, and at temperatures both near absolute zero and in scorchingly hot industrial settings.