Total CVEs

144,218

Critical Severity

4,148

High Severity

14,965

Last 7 Days

1,623
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 22,021 - 22,040 of 40,623 CVEs
CVE-2026-35652 MEDIUM - 6.5

OpenClaw before 2026.3.22 contains an authorization bypass vulnerability in interactive callback dispatch that allows non-allowlisted senders to execute action handlers. Attackers can bypass sender authorization checks by dispatching callbacks before normal security validation completes, enabling un...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35651 MEDIUM - 4.3

OpenClaw versions 2026.2.13 through 2026.3.24 contain an ANSI escape sequence injection vulnerability in approval prompts that allows attackers to spoof terminal output. Untrusted tool metadata can carry ANSI control sequences into approval prompts and permission logs, enabling attackers to manipula...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35650 HIGH - 7.5

OpenClaw before 2026.3.22 contains an environment variable override handling vulnerability that allows attackers to bypass the shared host environment policy through inconsistent sanitization paths. Attackers can supply blocked or malformed override keys that slip through inconsistent validation to ...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35649 MEDIUM - 6.5

OpenClaw before 2026.3.22 contains a settings reconciliation vulnerability that allows attackers to bypass intended deny-all revocations by exploiting empty allowlist handling. The vulnerability treats explicit empty allowlists as unset during reconciliation, silently undoing intended access control...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD

OpenClaw before 2026.3.22 contains a policy bypass vulnerability where queued node actions are not revalidated against current command policy when delivered. Attackers can exploit stale allowlists or declarations that survive policy tightening to execute unauthorized commands.

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35647 MEDIUM - 5.3

OpenClaw before 2026.3.25 contains an access control vulnerability where verification notices bypass DM policy checks and reply to unpaired peers. Attackers can send verification notices to users outside allowed direct message policies by exploiting insufficient access validation before message tran...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35643 HIGH - 8.8

OpenClaw before 2026.3.22 contains an unvalidated WebView JavascriptInterface vulnerability allowing attackers to inject arbitrary instructions. Untrusted pages can invoke the canvas bridge to execute malicious code within the Android application context.

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35641 HIGH - 7.8

OpenClaw before 2026.3.24 contains an arbitrary code execution vulnerability in local plugin and hook installation that allows attackers to execute malicious code by crafting a .npmrc file with a git executable override. During npm install execution in the staged package directory, attackers can lev...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35621 MEDIUM - 6.5

OpenClaw before 2026.3.24 contains a privilege escalation vulnerability where the /allowlist command fails to re-validate gateway client scopes for internal callers, allowing operator.write-scoped clients to mutate channel authorization policy. Attackers can exploit chat.send to build an internal co...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35620 MEDIUM - 5.4

OpenClaw before 2026.3.24 contains missing authorization vulnerabilities in the /send and /allowlist chat command handlers. The /send command allows non-owner command-authorized senders to change owner-only session delivery policy settings, and the /allowlist mutating commands fail to enforce operat...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35619 MEDIUM - 4.3

OpenClaw before 2026.3.24 contains an authorization bypass vulnerability in the HTTP /v1/models endpoint that fails to enforce operator read scope requirements. Attackers with only operator.approvals scope can enumerate gateway model metadata through the HTTP compatibility route, bypassing the stric...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 10, 2026
Source: NVD
CVE-2026-35602 MEDIUM - 5.4

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the Vikunja file import endpoint uses the attacker-controlled Size field from the JSON metadata inside the import zip instead of the actual decompressed file content length for the file size enforcement check. By setting...

Vendor: go-vikunja
Product: vikunja
Published: Apr 10, 2026
Source: NVD
CVE-2026-35601 MEDIUM - 4.1

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the CalDAV output generator builds iCalendar VTODO entries via raw string concatenation without applying RFC 5545 TEXT value escaping. User-controlled task titles containing CRLF characters break the iCalendar property b...

Vendor: go-vikunja
Product: vikunja
Published: Apr 10, 2026
Source: NVD
CVE-2026-35600 MEDIUM - 5.4

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, task titles are embedded directly into Markdown link syntax in overdue email notifications without escaping Markdown special characters. When rendered by goldmark and sanitized by bluemonday (which allows <a> and &...

Vendor: go-vikunja
Product: vikunja
Published: Apr 10, 2026
Source: NVD
CVE-2026-35599 MEDIUM - 6.5

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the addRepeatIntervalToTime function uses an O(n) loop that advances a date by the task's RepeatAfter duration until it exceeds the current time. By creating a repeating task with a 1-second interval and a due date ...

Vendor: go-vikunja
Product: vikunja
Published: Apr 10, 2026
Source: NVD
CVE-2026-35598 MEDIUM - 4.3

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the CalDAV GetResource and GetResourcesByList methods fetch tasks by UID from the database without verifying that the authenticated user has access to the task's project. Any authenticated CalDAV user who knows (or ...

Vendor: go-vikunja
Product: vikunja
Published: Apr 10, 2026
Source: NVD
CVE-2026-35597 MEDIUM - 5.9

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the TOTP failed-attempt lockout mechanism is non-functional due to a database transaction handling bug. When a TOTP validation fails, the login handler in pkg/routes/api/v1/login.go calls HandleFailedTOTPAuth and then un...

Vendor: go-vikunja
Product: vikunja
Published: Apr 10, 2026
Source: NVD
CVE-2026-35596 MEDIUM - 4.3

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the hasAccessToLabel function contains a SQL operator precedence bug that allows any authenticated user to read any label that has at least one task association, regardless of project access. Label titles, descriptions, ...

Vendor: go-vikunja
Product: vikunja
Published: Apr 10, 2026
Source: NVD
CVE-2026-35595 HIGH - 8.3

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the CanUpdate check at pkg/models/project_permissions.go:139-148 only requires CanWrite on the new parent project when changing parent_project_id. However, Vikunja's permission model uses a recursive CTE that walks ...

Vendor: go-vikunja
Product: vikunja
Published: Apr 10, 2026
Source: NVD
CVE-2026-22560 MEDIUM - 5.3

An open redirect vulnerability in Rocket.Chat versions prior to 8.4.0 allows users to be redirected to arbitrary URLs by manipulating parameters within a SAML endpoint.

Vendor: Rocket.Chat
Product: Rocket.Chat
Published: Apr 10, 2026
Source: NVD