Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
Indian Scout Bobber 2025 Infotainment Digital Round skips PIN entry when WCM is silent at boot
Indian Scout Bobber 2025 Infotainment Digital Round skips PIN entry when WCM is silent at boot
MCP Registry: OCI ownership validation fails open on upstream rate limits, allowing attacker-controlled package claims
net-imap vulnerable to STARTTLS stripping via invalid response timing
OpenClaw < 2026.4.8 - strictInlineEval Approval Boundary Bypass via Approval-Timeout Fallback
OpenClaw < 2026.3.31 - Fail-Open Security Scan Bypass in Plugin Installation
OpenClaw < 2026.3.31 - Decompression Bomb Denial of Service via Image Pixel-Limit Guard Bypass
OpenViking < 0.3.9 Authentication Bypass via VikingBot OpenAPI
free5gc UDR fail-open request handling in PolicyDataSubsToNotifySubsIdPut may allow unintended subscription updates after input errors
free5gc UDR improper path validation allows unauthenticated creation and modification of Traffic Influence Subscriptions
free5gc UDR improper path validation allows unauthenticated access to Traffic Influence Subscriptions
Helm's plugin verification fails open when .prov is missing, allowing unsigned plugin install
fast-jwt accepts unknown `crit` header extensions (RFC 7515 §4.1.11 MUST violation)
OpenClaw < 2026.3.11 - Credential Fallback Logic Bypass via Unavailable Local Auth SecretRefs
pyOpenSSL allows TLS connection bypass via unhandled callback exception in set_tlsext_servername_callback
Pass filter with Empty Table
Use of wildcard (“*” or “all”) in Block list
Snuffleupagus vulnerable to RCE on instances with upload validation enabled but without the VLD package
VTun-ng's failure to initialize encryption modules may cause reversion to plaintext
Windows BitLocker Information Disclosure Vulnerability
Showing 1 - 20 of 1,000+ results