CVE-2026-58102 - Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hv_exts
Published: Mon, 13 Jul 2026 22:22:48 +0000
CVE ID :CVE-2026-58102
Published : July 13, 2026, 10:22 p.m. | 14 minutes ago
Description :Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hv_exts.
When building the extension hash (via extensions(), extensions_by_long_name(), extensions_by_oid(), or has_extension_oid()), the code passes OBJ_obj2txt()'s return value as the hash-key length; because that value is the OID's full text length rather than the bytes written to the fixed-size buffer (129 bytes), an OID whose text is longer than the 129-byte buffer causes a read past the allocation, exposing adjacent heap memory as the returned hash key. extensions_by_name() uses the static shortname path and is not affected.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-58101 - Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow denial of service via NULL pointer dereference
Published: Mon, 13 Jul 2026 22:17:48 +0000
CVE ID :CVE-2026-58101
Published : July 13, 2026, 10:17 p.m. | 19 minutes ago
Description :Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow denial of service via NULL pointer dereference.
X509V3_EXT_d2i(ext) returns NULL when an extension's DER value fails to parse. basicC, ia5string, and auth_att dereference its result without a NULL check. keyid_data also dereferences akid->keyid, which is NULL for an empty AKI SEQUENCE (DER 30 00) even when the parse succeeds.
A caller invoking an affected helper on an extension from an untrusted certificate triggers a SIGSEGV that crashes the Perl process.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-62328 - 9Router 0.4.41 - Unauthenticated Information Disclosure via API Usage Endpoints
Published: Mon, 13 Jul 2026 22:16:52 +0000
CVE ID :CVE-2026-62328
Published : July 13, 2026, 10:16 p.m. | 20 minutes ago
Description :9Router through version 0.4.41 contain an unauthenticated information disclosure vulnerability that allows remote attackers to access sensitive user data by sending requests to unprotected API endpoints. Attackers can enumerate paginated request logs and retrieve complete AI conversation histories including system prompts, user messages, assistant responses, tool calls, and user email addresses by querying the request-logs and request-details API routes which lack authentication middleware.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-62327 - 9Router 0.4.41 - Unauthenticated API Key Exposure via /api/usage/stats
Published: Mon, 13 Jul 2026 22:16:52 +0000
CVE ID :CVE-2026-62327
Published : July 13, 2026, 10:16 p.m. | 20 minutes ago
Description :9Router through version 0.4.41 contain an unauthenticated information disclosure vulnerability that allows remote attackers to retrieve plaintext API keys for all connected AI provider accounts by sending a single unauthenticated request to the /api/usage/stats endpoint. Attackers can exploit the missing authentication middleware on the Next.js API route to obtain full API key strings alongside token counts, cost breakdowns, and request metadata, enabling unauthorized use of connected AI provider accounts, billing fraud, and quota exhaustion.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-62242 - Spring Boot Admin Server < 4.1.2 SSRF via Unauthenticated Instance Registration
Published: Mon, 13 Jul 2026 22:16:52 +0000
CVE ID :CVE-2026-62242
Published : July 13, 2026, 10:16 p.m. | 20 minutes ago
Description :Spring Boot Admin Server before 4.1.2 contains a server-side request forgery vulnerability that allows unauthenticated attackers to register instances with attacker-controlled healthUrl and managementUrl parameters without validation against private IP ranges or metadata endpoints. Attackers can force the server to make HTTP requests to arbitrary internal addresses and retrieve response bodies via the actuator proxy to exfiltrate cloud credentials.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-62240 - CrewAI < 1.15.1 SSRF Filter Bypass via HTTP Redirect in Scrape Tools
Published: Mon, 13 Jul 2026 22:16:52 +0000
CVE ID :CVE-2026-62240
Published : July 13, 2026, 10:16 p.m. | 20 minutes ago
Description :CrewAI before 1.15.1 contains a server-side request forgery vulnerability in the validate_url function that performs one-shot DNS resolution and blocklist checks before returning the original URL unchanged. Attackers can bypass the security filter by supplying URLs that redirect to internal addresses or use DNS rebinding techniques to access internal services and cloud metadata endpoints.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-62239 - FlashAttention Symlink Attack via tarfile.extractall in hopper/setup.py
Published: Mon, 13 Jul 2026 22:16:51 +0000
CVE ID :CVE-2026-62239
Published : July 13, 2026, 10:16 p.m. | 20 minutes ago
Description :FlashAttention through 2.8.3.post1, fixed in commit 0816ef1, contains a symlink attack vulnerability in the download_and_copy() function within hopper/setup.py that extracts NVIDIA toolchain archives without validating symlinks or filtering tar members. A local attacker can pre-plant a symlink in the predictable cache directory to redirect extracted binaries to an attacker-chosen location, enabling arbitrary file write with victim privileges during build time.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-62200 - OpenClaw < 2026.6.6 Authentication Bypass via Git ext transport
Published: Mon, 13 Jul 2026 22:16:51 +0000
CVE ID :CVE-2026-62200
Published : July 13, 2026, 10:16 p.m. | 20 minutes ago
Description :OpenClaw versions before 2026.6.1 contain a flaw in host exec environment filtering that could allow Git ext transport to be abused. When the affected feature is enabled and reachable, a lower-trust caller or configured input path could execute or persist actions beyond the caller's intended authorization.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-62199 - OpenClaw < 2026.6.6 Authentication Bypass via Environment Filtering
Published: Mon, 13 Jul 2026 22:16:51 +0000
CVE ID :CVE-2026-62199
Published : July 13, 2026, 10:16 p.m. | 20 minutes ago
Description :OpenClaw versions before 2026.6.6 contain a flaw in host exec environment filtering that can miss interpreter startup variables. When the affected feature is enabled and reachable, a lower-trust caller or configured input path can supply crafted environment variables to execute or persist actions beyond the caller's intended authorization.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-62198 - OpenClaw 2026.5.28 < 2026.6.6 Authorization Bypass via Web Search
Published: Mon, 13 Jul 2026 22:16:51 +0000
CVE ID :CVE-2026-62198
Published : July 13, 2026, 10:16 p.m. | 20 minutes ago
Description :OpenClaw versions 2026.5.28 before 2026.6.6 contain an authorization bypass vulnerability in native web search that allows lower-trust callers to perform actions requiring stronger policy checks. Attackers can exploit misconfigured input paths to bypass intended authorization controls and execute restricted operations.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-62197 - OpenClaw < 2026.6.6 Policy Bypass via CDP Discovery
Published: Mon, 13 Jul 2026 22:16:51 +0000
CVE ID :CVE-2026-62197
Published : July 13, 2026, 10:16 p.m. | 20 minutes ago
Description :OpenClaw before 2026.6.6 contains a policy bypass vulnerability in browser CDP discovery that accepts blocked WebSocket URLs. Attackers with lower-trust access can reach network destinations that should have been blocked by OpenClaw policy when the affected feature is enabled.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-62196 - OpenClaw 2026.3.22 < 2026.6.6 Authorization Bypass via WhatsApp Group IDs
Published: Mon, 13 Jul 2026 22:16:51 +0000
CVE ID :CVE-2026-62196
Published : July 13, 2026, 10:16 p.m. | 20 minutes ago
Description :OpenClaw versions 2026.3.22 before 2026.6.6 contain an authorization bypass vulnerability where WhatsApp group IDs can satisfy elevated sender allowlists. Attackers with lower-trust access can perform actions requiring stronger authorization by leveraging group ID validation in the affected feature.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-62195 - OpenClaw 2026.5.20 < 2026.6.6 Authorization Bypass via MCP loopback
Published: Mon, 13 Jul 2026 22:16:51 +0000
CVE ID :CVE-2026-62195
Published : July 13, 2026, 10:16 p.m. | 20 minutes ago
Description :OpenClaw versions 2026.5.20 before 2026.6.6 contain an authorization bypass vulnerability in the MCP loopback feature that allows lower-trust callers to execute owner-only tools. Attackers can bypass authorization checks through configured input paths to execute or persist actions beyond their intended permissions.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-62194 - OpenClaw 2026.5.20 < 2026.6.9 Privilege Escalation via Plugin Install
Published: Mon, 13 Jul 2026 22:16:50 +0000
CVE ID :CVE-2026-62194
Published : July 13, 2026, 10:16 p.m. | 20 minutes ago
Description :OpenClaw versions 2026.5.20 before 2026.6.9 contain a privilege escalation vulnerability in plugin install commands that allows lower-trust callers to execute or persist actions beyond their intended authorization. Attackers can exploit misconfigured input paths or enabled features to escalate privileges and perform unauthorized actions when the feature is reachable.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-62193 - OpenClaw 2026.6.5 < 2026.6.9 Authentication Bypass via Plugin Install
Published: Mon, 13 Jul 2026 22:16:50 +0000
CVE ID :CVE-2026-62193
Published : July 13, 2026, 10:16 p.m. | 20 minutes ago
Description :OpenClaw versions 2026.6.5 before 2026.6.9 contain a vulnerability in the plugin install wrappers that could skip the install policy (authorization) check. When the affected feature is enabled and reachable, a lower-trust caller or a configured input path could execute or persist actions beyond the caller's intended authorization. Impact depends on the operator's configuration and whether lower-trust input can reach the affected path. The issue is fixed in 2026.6.9.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-62192 - OpenClaw 2026.6.6 < 2026.6.9 Authorization Bypass
Published: Mon, 13 Jul 2026 22:16:50 +0000
CVE ID :CVE-2026-62192
Published : July 13, 2026, 10:16 p.m. | 20 minutes ago
Description :OpenClaw versions 2026.6.6 before 2026.6.9 contain an authorization bypass vulnerability in Discord guild actions that allows lower-trust callers to perform actions requiring stronger authorization checks. Attackers can exploit misconfigured input paths to skip cross-provider requester authorization and execute restricted operations.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-62191 - OpenClaw 2026.6.6 < 2026.6.8 Authorization Bypass via Message Mutations
Published: Mon, 13 Jul 2026 22:16:50 +0000
CVE ID :CVE-2026-62191
Published : July 13, 2026, 10:16 p.m. | 20 minutes ago
Description :OpenClaw versions 2026.6.6 before 2026.6.9 contain an authorization bypass vulnerability in message mutation handling that allows lower-trust callers to perform actions requiring stronger authorization checks. Attackers can exploit misconfigured input paths to skip requester authorization and execute privileged operations when the affected feature is enabled and reachable.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-62190 - OpenClaw < 2026.6.9 Authorization Bypass via flock wrapper
Published: Mon, 13 Jul 2026 22:16:50 +0000
CVE ID :CVE-2026-62190
Published : July 13, 2026, 10:16 p.m. | 20 minutes ago
Description :OpenClaw versions before 2026.6.9 contain an authorization bypass vulnerability in the flock wrapper that allows lower-trust callers to execute or persist actions beyond their intended authorization. Attackers can leverage configured input paths to bypass durable exec approval binding and perform unauthorized operations when the affected feature is enabled.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-62189 - OpenClaw < 2026.6.9 Symlink Following via Mirror Sync
Published: Mon, 13 Jul 2026 22:16:50 +0000
CVE ID :CVE-2026-62189
Published : July 13, 2026, 10:16 p.m. | 20 minutes ago
Description :OpenClaw versions before 2026.6.9 contain a symlink following vulnerability in the mirror sync feature that allows lower-trust callers to perform actions requiring stronger authorization. Attackers can exploit remote symlink parents to bypass policy checks and authorization boundaries when the feature is enabled and reachable.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-62188 - OpenClaw < 2026.6.9 Feishu Authorization Bypass
Published: Mon, 13 Jul 2026 22:16:49 +0000
CVE ID :CVE-2026-62188
Published : July 13, 2026, 10:16 p.m. | 20 minutes ago
Description :OpenClaw @openclaw/feishu versions 2026.6.6 and earlier contain an incorrect authorization vulnerability in which the Feishu permission tools could ignore per-account disablement settings. When the affected feature is enabled and reachable, a lower-trust caller or configured input path could perform actions that should have required a stronger authorization or policy check. The issue is fixed in version 2026.6.9.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-62187 - OpenClaw < 2026.6.9 Feishu tools Authorization Bypass
Published: Mon, 13 Jul 2026 22:16:49 +0000
CVE ID :CVE-2026-62187
Published : July 13, 2026, 10:16 p.m. | 20 minutes ago
Description :OpenClaw Feishu tools (npm package @openclaw/feishu) in versions <= 2026.6.6 could ignore per-account disablement. A lower-trust caller or a configured input path could perform actions that should have required a stronger authorization or policy check, resulting in unauthorized operations. The issue is fixed in version 2026.6.9. Impact depends on the operator's configuration and whether lower-trust input can reach the affected feature.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-62186 - OpenClaw < 2026.6.8 Authorization Bypass via HTTP Model Override
Published: Mon, 13 Jul 2026 22:16:49 +0000
CVE ID :CVE-2026-62186
Published : July 13, 2026, 10:16 p.m. | 20 minutes ago
Description :OpenClaw versions before 2026.6.8 contain an authorization bypass vulnerability in OpenAI-compatible HTTP model overrides that allows lower-trust callers to perform actions requiring stronger authorization checks. Attackers can exploit misconfigured input paths to bypass admin authorization policies and execute restricted operations.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-62185 - Argo CD Helm Chart < 10.0.0 Missing Network Policy RCE
Published: Mon, 13 Jul 2026 22:16:49 +0000
CVE ID :CVE-2026-62185
Published : July 13, 2026, 10:16 p.m. | 20 minutes ago
Description :Argo CD Helm Chart before 10.0.0 fails to install network policies by default, allowing any pod on a cluster to access repo-server and other Argo APIs. Attackers can exploit this unrestricted network access through combined attacks to achieve cluster compromise and remote code execution.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-62184 - luci-app-banip Log Monitor IP Extraction Bypass
Published: Mon, 13 Jul 2026 22:16:49 +0000
CVE ID :CVE-2026-62184
Published : July 13, 2026, 10:16 p.m. | 20 minutes ago
Description :luci-app-banip contains a log parsing vulnerability where the awk-based parser extracts the first IPv4 address from log lines regardless of field position, allowing attackers to inject arbitrary IPs via attacker-controlled fields like usernames. An unauthenticated remote attacker can inject an IP address into the login username field, causing banIP to block the wrong target while the real attacker remains unblocked.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-61458 - PasswordPusher < 2.9.2 Passphrase Brute-Force via Unthrottled Endpoint
Published: Mon, 13 Jul 2026 22:16:49 +0000
CVE ID :CVE-2026-61458
Published : July 13, 2026, 10:16 p.m. | 20 minutes ago
Description :PasswordPusher before 2.9.2 contains a brute-force vulnerability in the POST /p/:token/access endpoint that lacks route-specific rate limiting and per-push lockout mechanisms. Attackers who know a push token can systematically guess passphrases at 120 attempts per minute without triggering any push-level defense, making short or dictionary-derived passphrases practically recoverable within hours or days.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
