Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
pam_usb: getenv() used in PAM context allows environment variable injection into local-check logic
OpenClaw < 2026.5.7 - Sender Policy Bypass via Mutable Conversation Identifiers in BlueBubbles
The connection confirmation pop-up of a specific feature in the PcSuite can be bypassed
SillyTavern: Authentication Bypass via SSO Header Injection
e107: Host Header Injection in e107 password reset enables phishing
Remote Spark SparkView RCE
Client-supplied URI scheme trusted without transport verification in bandit
OpenClaw < 2026.3.31 - Access Control Bypass via Proxied Remote Request Misclassification
OpenClaw < 2026.3.28 - Exec Allowlist Bypass via Unregistered /usr/bin/script Wrapper
OpenClaw < 2026.3.28 - Arbitrary Execution Allowlist via Wrapper Carrier Executables
A vulnerability in the browser-based remote management interface may allow an administrator to access sensitive information on the device via craft...
OpenClaw < 2026.3.28 - Client Identity Spoofing in chat.send Gateway Provenance Guard
UEFI Secure Boot Security Feature Bypass Vulnerability
SpotFTP Password Recover 2.4.2 Denial of Service via Name Field
OpenClaw < 2026.3.22 - Webhook Reply Rebinding via Username Resolution in Synology Chat
OpenClaw < 2026.3.22 - Identity Spoofing via rawInput Tool in ACP Permission Resolution
OpenClaw < 2026.3.22 - Policy Confusion via Room Name Collision in Nextcloud Talk
OpenClaw < 2026.3.25 - Authorization Bypass via Group Policy Rebinding with Mutable Space displayName
Contemporary Controls BASC 20T Reliance on Untrusted Inputs in a Security Decision
GINA Domain Switch
Showing 1 - 20 of 1,000+ results