Search Vulnerabilities

OpenClaw < 2026.5.2 - Arbitrary Command Execution via Workspace-Derived Service PATH

OpenClaw < 2026.5.2 - Arbitrary Runtime Dependency Loading via STATE_DIRECTORY Environment Variable

OpenClaw < 2026.4.29 - Arbitrary Package Manager Execution via Workspace .env npm_execpath

OpenClaw < 2026.5.2 - Arbitrary Python Runtime Execution via CLOUDSDK_PYTHON Environment Variable

Kitty has an Arbitrary File Write via Symlink Race Condition in File Transmission Protocol

OpenClaw < 2026.5.27 - Arbitrary Homebrew Executable Execution via Workspace .env Override

Windows Narrator Braille Elevation of Privilege Vulnerability

Windows Storage Elevation of Privilege Vulnerability

Local Privilege Escalation via Dynamic Library Injection in Waves Central for macOS

Privilege Escalation in AWS Advanced Go Wrapper for Amazon Aurora PostgreSQL

Privilege Escalation in AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL

CloudNativePG: Metrics exporter allows privilege escalation to PostgreSQL superuser and OS RCE

Algernon: handler.lua discovery walks parent directories above the server root

Turborepo: Unexpected local code execution during Yarn Berry detection

GlobalProtect App: Local Privilege Escalation Vulnerabilities

Untrusted search path in the installer for Zoom Rooms for Windows before version 7

Azure Monitor Agent Metrics Extension Elevation of Privilege Vulnerability

Openshift-controller-manager: openshift container platform: information disclosure via environment variable injection

uutils coreutils chroot Local Privilege Escalation and chroot Escape in via Name Service Switch (NSS) Injection

Claude Code: Insecure System-Wide Configuration Loading Enables Local Privilege Escalation on Windows