Search Vulnerabilities

OpenClaw < 2026.3.24 - Environment Variable Injection via Workspace Config in CLI Backend

Apr 28, 2026

CVE-2026-41294

OpenClaw < 2026.3.28 - Environment Variable Injection via CWD .env File

Apr 20, 2026

CVE-2026-0232

Cortex XDR Agent: Local Administrator can disable the agent on Windows

Apr 13, 2026

CVE-2026-35650

OpenClaw < 2026.3.22 - Environment Variable Override Bypass via Inconsistent Sanitization

CVE-2026-33092

Local privilege escalation due to improper handling of environment variables

CVE-2026-30817

Arbitrary File Reading Vulnerability in dnsmasq Module in TP-Link AX53

CVE-2026-30816

Arbitrary File Reading Vulnerability in OpenVPN Module in TP-Link AX53

CVE-2026-22177

OpenClaw < 2026.2.21 - Environment Variable Injection via Config env.vars

Mar 18, 2026

CVE-2026-21422

Dell PowerScale OneFS, versions 9

Mar 4, 2026

CVE-2026-27203

eBay API MCP Server Affected by Environment Variable Injection

Feb 20, 2026

CVE-2025-13091

Shopire <= 1.0.57 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Install

Feb 19, 2026

CVE-2026-22708

CRITICAL

Cursor has a Terminal Tool Allowlist Bypass via Environment Variables

Jan 14, 2026

CVE-2026-0495

Multiple vulnerabilities in SAP Fiori App (Intercompany Balance Reconciliation)

Jan 13, 2026

CVE-2025-64726

External Control of System or Configuration Setting and Uncontrolled Search Path Element in sfw

Nov 13, 2025

CVE-2025-62527

Taguette vulnerable to password reset link poisoning

Oct 20, 2025

CVE-2025-43792

Remote staging in Liferay Portal 7

Sep 15, 2025

CVE-2025-41452

Post auth nginx configuration injection in Danfoss AK-SM8xxA Series

Aug 22, 2025

CVE-2025-8283

Netavark: podman: netavark may resolve hostnames to unexpected hosts

Jul 28, 2025

CVE-2025-27889

Wing FTP Server before 7

Jul 10, 2025

CVE-2025-30512

Growatt Cloud portal External Control of System or Configuration Setting

Apr 15, 2025

Showing 1 - 20 of 1,000+ results

...

Searching...

Filters

1,000+ results

CVE-2026-41384

OpenClaw < 2026.3.24 - Environment Variable Injection via Workspace Config in CLI Backend

Apr 28, 2026

CVE-2026-41294

OpenClaw < 2026.3.28 - Environment Variable Injection via CWD .env File

Apr 20, 2026

CVE-2026-0232

Cortex XDR Agent: Local Administrator can disable the agent on Windows

Apr 13, 2026

CVE-2026-35650

OpenClaw < 2026.3.22 - Environment Variable Override Bypass via Inconsistent Sanitization

CVE-2026-33092

Local privilege escalation due to improper handling of environment variables

CVE-2026-30817

Arbitrary File Reading Vulnerability in dnsmasq Module in TP-Link AX53

CVE-2026-30816

Arbitrary File Reading Vulnerability in OpenVPN Module in TP-Link AX53

CVE-2026-22177

OpenClaw < 2026.2.21 - Environment Variable Injection via Config env.vars

Mar 18, 2026

CVE-2026-21422

Dell PowerScale OneFS, versions 9

Mar 4, 2026

CVE-2026-27203

eBay API MCP Server Affected by Environment Variable Injection

Feb 20, 2026

CVE-2025-13091

Shopire <= 1.0.57 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Install

Feb 19, 2026

CVE-2026-22708

CRITICAL

Cursor has a Terminal Tool Allowlist Bypass via Environment Variables

Jan 14, 2026

CVE-2026-0495

Multiple vulnerabilities in SAP Fiori App (Intercompany Balance Reconciliation)

Jan 13, 2026

CVE-2025-64726

External Control of System or Configuration Setting and Uncontrolled Search Path Element in sfw

Nov 13, 2025

CVE-2025-62527

Taguette vulnerable to password reset link poisoning

Oct 20, 2025

CVE-2025-43792

Remote staging in Liferay Portal 7

Sep 15, 2025

CVE-2025-41452

Post auth nginx configuration injection in Danfoss AK-SM8xxA Series

Aug 22, 2025

CVE-2025-8283

Netavark: podman: netavark may resolve hostnames to unexpected hosts

Jul 28, 2025

CVE-2025-27889

Wing FTP Server before 7

Jul 10, 2025

CVE-2025-30512