Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
SenseLive X3050 Insufficient session expiration
SenseLive X3050 Authentication bypass using an alternate path or channel
A vulnerability in the browser-based remote management interface may allow an administrator to access sensitive information on the device via craft...
In versions <8
Libxml2: libxml2: denial of service via crafted xsd-validated document
OpenClaw < 2026.3.28 - SSRF Guard Bypass via IPv6 Special-Use Ranges
OpenClaw < 2026.4.2 - Approval Integrity Bypass in pnpm dlx Local Script Binding
OpenClaw < 2026.3.28 - Privilege Escalation via operator.write to Admin-Class Telegram Config and Cron Persistence
OpenClaw < 2026.4.2 - Sender Allowlist Bypass via Slack Thread Context
OpenClaw < 2026.3.31 - Unsanitized Environment Variable Leakage in SSH Sandbox Backends
OpenClaw < 2026.3.31 - Incomplete WebSocket Session Termination in device.token.rotate
OpenShell < 2026.3.28 - Arbitrary Code Execution via Mirror Mode Sandbox File Conversion
OpenClaw < 2026.4.2 - Insufficient Scope in Zalo Webhook Replay Dedupe Keys
OpenClaw < 2026.3.22 - allowProfiles Bypass via Profile Mutation and Runtime Selection
OpenClaw < 2026.3.31 - Remote Code Execution via Node Scope Gate Bypass
OpenClaw < 2026.3.31 - Webhook Replay Detection Bypass via Base64 Signature Re-encoding
OpenClaw < 2026.3.31 - Session Visibility Bypass via session_status in Unsandboxed Invocations
OpenClaw < 2026.3.28 - Agentic Consent Bypass via config.patch
OpenClaw < 2026.3.31 - Group DM Channel Allowlist Bypass via Discord Slash Commands
OpenClaw < 2026.3.31 - Cross-Site Request Forgery via Missing Browser-Origin Validation in HTTP Operator Endpoints
Showing 1 - 20 of 1,000+ results