Total CVEs

143,749

Critical Severity

4,091

High Severity

14,758

Last 7 Days

1,522
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 1,101 - 1,120 of 1,590 CVEs

OpenClaw versions prior to 2026.2.22 contain a path traversal vulnerability in the static file handler that follows symbolic links, allowing out-of-root file reads. Attackers can place symlinks under the Control UI root directory to bypass directory confinement checks and read arbitrary files outsid...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 19, 2026
Source: NVD

OpenClaw versions prior to 2026.2.19 contain a race condition vulnerability in concurrent updateRegistry and removeRegistryEntry operations for sandbox containers and browsers. Attackers can exploit unsynchronized read-modify-write operations without locking to cause registry updates to lose data, r...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 19, 2026
Source: NVD

OpenClaw versions prior to 2026.2.26 contain an authorization bypass vulnerability where DM pairing-store identities are incorrectly treated as group allowlist identities when dmPolicy=pairing and groupPolicy=allowlist. Remote attackers can send messages and reactions as DM-paired identities without...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 19, 2026
Source: NVD
CVE-2026-3230 LOW - 2.7

Missing required cryptographic step in the TLS 1.3 client HelloRetryRequest handshake logic in wolfSSL could lead to a compromise in the confidentiality of TLS-protected communications via a crafted HelloRetryRequest followed by a ServerHello message that omits the required key_share extension, resu...

Vendor: wolfssl
Product: wolfssl
Published: Mar 19, 2026
Source: NVD

WWBN AVideo is an open source video platform. Prior to version 26.0, WWBN/AVideo contains an open redirect vulnerability in the login flow where a user-supplied redirectUri parameter is reflected directly into a JavaScript `document.location` assignment without JavaScript-safe encoding. After a user...

Vendor: composer
Product: wwbn/avideo
Published: Mar 19, 2026
Source: GitHub

OpenClaw versions prior to 2026.2.19 tools.exec.safeBins contains an input validation bypass vulnerability that allows attackers to execute unintended filesystem operations through sort output flags or recursive grep flags. Attackers with command execution access can leverage sort -o flag for arbitr...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 19, 2026
Source: NVD

OpenClaw versions prior to 2026.2.26 contain an authorization bypass vulnerability where Signal group allowlist policy incorrectly accepts sender identities from DM pairing-store approvals. Attackers can exploit this boundary weakness by obtaining DM pairing approval to bypass group allowlist checks...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 19, 2026
Source: NVD

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.28 and 8.6.48, the password reset mechanism does not enforce single-use guarantees for reset tokens. When a user requests a password reset, the generated token can be consumed...

Vendor: parse-community
Product: parse-server
Published: Mar 18, 2026
Source: NVD

Nhost is an open source Firebase alternative with GraphQL. Prior to version 0.12.0, the storage service's file upload handler trusts the client-provided Content-Type header without performing server-side MIME type detection. This allows an attacker to upload files with an arbitrary MIME type, b...

Vendor: go
Product: github.com/nhost/nhost
Published: Mar 18, 2026
Source: GitHub
CVE-2026-4356 LOW - 2.4

A flaw has been found in itsourcecode University Management System 1.0. Affected is an unknown function of the file /add_result.php. Executing a manipulation of the argument vr can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and may be used.

Published: Mar 18, 2026
Source: NVD

OpenClaw versions prior to 2026.2.21 accept prototype-reserved keys in runtime /debug set override object values, allowing prototype pollution attacks. Authorized /debug set callers can inject __proto__, constructor, or prototype keys to manipulate object prototypes and bypass command gate restricti...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 18, 2026
Source: NVD
CVE-2026-4355 LOW - 3.5

A vulnerability was detected in Portabilis i-Educar 2.11. This impacts an unknown function of the file /intranet/educar_servidor_curso_lst.php of the component Endpoint. Performing a manipulation of the argument Name results in cross site scripting. The attack may be initiated remotely. The exploit ...

Published: Mar 18, 2026
Source: NVD
CVE-2026-4354 LOW - 3.5

A vulnerability was identified in TRENDnet TEW-824DRU 1.010B01/1.04B01. The impacted element is the function sub_420A78 of the file apply_sec.cgi of the component Web Interface. Such manipulation of the argument Language leads to cross site scripting. It is possible to launch the attack remotely. Th...

Published: Mar 18, 2026
Source: NVD
CVE-2026-4359 LOW - 2.0

A compromised third party cloud server or man-in-the-middle attacker could send a malformed HTTP response and cause a crash in applications using the MongoDB C driver.

Published: Mar 17, 2026
Source: NVD

astral-tokio-tar is a tar archive reading/writing library for async Rust. In versions 0.5.6 and earlier, malformed PAX extensions were silently skipped when parsing tar archives. This silent skipping (rather than rejection) of invalid PAX extensions could be used as a building block for a parser dif...

Vendor: rust
Product: astral-tokio-tar
Published: Mar 17, 2026
Source: GitHub

The GL-iNet Comet (GL-RM1) KVM connects to a GL-iNet site during boot-up to provision client and CA certificates. The GL-RM1 does not verify certificates used for this connection, allowing an attacker-in-the-middle to serve invalid client and CA certificates. The GL-RM1 will attempt to use the inval...

Vendor: GL-iNet
Product: Comet KVM
Published: Mar 17, 2026
Source: NVD

Next.js is a React framework for building full-stack web applications. Starting in version 16.0.1 and prior to version 16.1.7, in `next dev`, cross-site protection for internal websocket endpoints could treat `Origin: null` as a bypass case even if `allowedDevOrigins` is configured, allowing privacy...

Vendor: npm
Product: next
Published: Mar 17, 2026
Source: GitHub

HCL Sametime is vulnerable to broken server-side validation. While the application performs client-side input checks, these are not enforced by the web server. An attacker can bypass these restrictions by sending manipulated HTTP requests directly to the server.

Vendor: HCL
Product: Sametime
Published: Mar 17, 2026
Source: NVD
CVE-2026-3634 LOW - 3.9

A flaw was found in libsoup. An attacker controlling the value used to set the Content-Type header can inject a Carriage Return Line Feed (CRLF) sequence due to improper input sanitization in the `soup_message_headers_set_content_type()` function. This vulnerability allows for the injection of arbit...

Vendor: gnome
Product: libsoup
Published: Mar 17, 2026
Source: NVD
CVE-2026-3633 LOW - 3.9

A flaw was found in libsoup. A remote attacker, by controlling the method parameter of the `soup_message_new()` function, could inject arbitrary headers and additional request data. This vulnerability, known as CRLF (Carriage Return Line Feed) injection, occurs because the method value is not proper...

Vendor: gnome
Product: libsoup
Published: Mar 17, 2026
Source: NVD