Search Vulnerabilities

uutils coreutils cp Semantic Loss and Potential Denial of Service with -R via Device Node Stream Reading

OpenFGA has Improper Policy Enforcement

OpenClaw < 2026.3.22 - Allowlist Bypass via Unregistered Time Dispatch Wrapper

OpenClaw < 2026.3.22 - Webhook Path Route Replacement Vulnerability in Synology Chat

fast-jwt Affected by Cache Confusion via cacheKeyBuilder Collisions Can Return Claims From a Different Token (Identity/Authorization Mixup)

srvx is vulnerable to middleware bypass via absolute URI in request line

h3: Missing Path Segment Boundary Check in `mount()` Causes Middleware Execution on Unrelated Prefix-Matching Routes

Use of Incorrectly-Resolved Name or Reference in GitLab

WeKnora: Tool Execution Hijacking via Ambigous Naming Convention In MCP client and Indirect Prompt Injection

SSRF vulnerability in opennextjs-cloudflare via /cdn-cgi/ path normalization bypass

File Browser has a Path-Based Access Control Bypass via Multiple Leading Slashes in URL

SmarterTools SmarterMail < Build 9518 Unauthenticated background-of-the-day Path Coercion

Apptainer ineffective application of selinux and apparmor --security options

Singluarity ineffectively applies of selinux / apparmor LSM process labels

Arbitrary node_modules Directory Deletion in Google zx

CommandKit exposes incorrect command name in context object for message command aliases

Hono contains a flaw in URL path parsing, potentially leading to path confusion

A10 Networks AX Loadbalancer Path Traversal

Chrome Cookie Key Exposure via AppBound COM Path Validation Weakness

NamelessMC Forum Topic Deletion Triggered by Unrelated User Deletion