Search Vulnerabilities

Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data.

Apache APISIX: Session replay issue in hmac-auth

Lack of cryptographic protection in Wertheim SafeController 5400 enables RS-485 message sniffing and replay

WSS4J validation does not use configured replay cache

Indian Scout Bobber 2025 Infotainment-to-WCM weak authentication allows recovery of user PIN from observed exchange

Microsoft UFO accepts cross-device TASK_END messages by session_id only, allowing peer task-result injection

Besen BS20 EV Charging Station BLE/WiFi authentication replay

azureauthextension Authenticate method does not validate bearer tokens, allowing auth bypass via replay

OpenClaw < 2026.3.31 - Webhook Replay Detection Bypass via Base64 Signature Re-encoding

OpenClaw < 2026.3.23 - Replay Identity Drift via Query-Only Variants in Plivo V2 Verification

mppx: Tempo has a session close voucher bypass vulnerability due to settled amount equality

OpenClaw < 2026.3.13 - Bootstrap Setup Code Replay via Device Pairing

Dovecot OTP authentication is vulnerable to replay attack under specific conditions

Shenzhen HCC Technology MPOS M6 PLUS Bluetooth authentication replay

OpenClaw < 2026.2.23 - Twilio Webhook Replay Bypass via Randomized Event ID Normalization

OpenClaw < 2026.2.25 - Webhook Replay Attack via Missing Durable Replay Suppression

Authentication Bypass due to Improper Session Validation

OneUptime has WebAuthn 2FA bypass: server accepts client-supplied challenge instead of server-stored value, allowing credential replay

Micca KE700 Acceptance of previously used rolling codes

DJI Mavic Mini/Air/Spark/Mini SE Enhanced Wi-Fi Pairing authentication replay