Search Vulnerabilities

OpenClaw < 2026.3.28 - Client Identity Spoofing in chat.send Gateway Provenance Guard

Apr 20, 2026

CVE-2026-0390

UEFI Secure Boot Security Feature Bypass Vulnerability

Apr 14, 2026

CVE-2019-25711

SpotFTP Password Recover 2.4.2 Denial of Service via Name Field

Apr 12, 2026

CVE-2026-35670

OpenClaw < 2026.3.22 - Webhook Reply Rebinding via Username Resolution in Synology Chat

CVE-2026-35655

OpenClaw < 2026.3.22 - Identity Spoofing via rawInput Tool in ACP Permission Resolution

CVE-2026-35624

OpenClaw < 2026.3.22 - Policy Confusion via Room Name Collision in Nextcloud Talk

CVE-2026-35617

OpenClaw < 2026.3.25 - Authorization Bypass via Group Policy Rebinding with Mutable Space displayName

CVE-2025-13926

Contemporary Controls BASC 20T Reliance on Untrusted Inputs in a Security Decision

CVE-2026-29134

GINA Domain Switch

Apr 2, 2026

CVE-2026-32975

OpenClaw < 2026.3.12 - Weak Authorization via Mutable Group Names in Zalouser Allowlist

Mar 29, 2026

CVE-2019-25621

Pixel Studio 2.17 Denial of Service via Malformed Input

Mar 23, 2026

CVE-2019-25594

ASPRunner.NET 10.1 Denial of Service via Table Name Field

Mar 22, 2026

CVE-2019-25544

Pidgin 2.13.0 Denial of Service via Malformed Username

CVE-2026-32898

OpenClaw < 2026.2.23 - ACP Permission Auto-Approval Bypass via Untrusted Tool Metadata

CVE-2026-32057

OpenClaw < 2026.2.25 - Authentication Bypass via Control UI client.id Parameter

CVE-2026-29794

Vikunja has Rate-Limit Bypass for Unauthenticated Users via Spoofed Headers

CVE-2026-33068

Claude Code has a Workspace Trust Dialog Bypass via Repo-Controlled Settings File

CVE-2026-27707

Plex-configured Seerr instances vulnerable to unauthenticated account registration via Jellyfin authentication endpoint

Feb 27, 2026

CVE-2026-21514

Microsoft Word Security Feature Bypass Vulnerability

Feb 10, 2026

CVE-2026-25958

Cube privilege escalation via a specially crafted request

Feb 9, 2026

Showing 1 - 20 of 1,000+ results

...

Searching...

Filters

1,000+ results

CVE-2026-41299

OpenClaw < 2026.3.28 - Client Identity Spoofing in chat.send Gateway Provenance Guard

Apr 20, 2026

CVE-2026-0390

UEFI Secure Boot Security Feature Bypass Vulnerability

Apr 14, 2026

CVE-2019-25711

SpotFTP Password Recover 2.4.2 Denial of Service via Name Field

Apr 12, 2026

CVE-2026-35670

OpenClaw < 2026.3.22 - Webhook Reply Rebinding via Username Resolution in Synology Chat

CVE-2026-35655

OpenClaw < 2026.3.22 - Identity Spoofing via rawInput Tool in ACP Permission Resolution

CVE-2026-35624

OpenClaw < 2026.3.22 - Policy Confusion via Room Name Collision in Nextcloud Talk

CVE-2026-35617

OpenClaw < 2026.3.25 - Authorization Bypass via Group Policy Rebinding with Mutable Space displayName

CVE-2025-13926

Contemporary Controls BASC 20T Reliance on Untrusted Inputs in a Security Decision

CVE-2026-29134

GINA Domain Switch

Apr 2, 2026

CVE-2026-32975

OpenClaw < 2026.3.12 - Weak Authorization via Mutable Group Names in Zalouser Allowlist

Mar 29, 2026

CVE-2019-25621

Pixel Studio 2.17 Denial of Service via Malformed Input

Mar 23, 2026

CVE-2019-25594

ASPRunner.NET 10.1 Denial of Service via Table Name Field

Mar 22, 2026

CVE-2019-25544

Pidgin 2.13.0 Denial of Service via Malformed Username

CVE-2026-32898

OpenClaw < 2026.2.23 - ACP Permission Auto-Approval Bypass via Untrusted Tool Metadata

CVE-2026-32057

OpenClaw < 2026.2.25 - Authentication Bypass via Control UI client.id Parameter

CVE-2026-29794

Vikunja has Rate-Limit Bypass for Unauthenticated Users via Spoofed Headers

CVE-2026-33068

Claude Code has a Workspace Trust Dialog Bypass via Repo-Controlled Settings File

CVE-2026-27707

Plex-configured Seerr instances vulnerable to unauthenticated account registration via Jellyfin authentication endpoint

Feb 27, 2026

CVE-2026-21514

Microsoft Word Security Feature Bypass Vulnerability

Feb 10, 2026

CVE-2026-25958