Total CVEs

142,714

Critical Severity

4,025

High Severity

14,400

Last 7 Days

1,392
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 18,961 - 18,980 of 39,119 CVEs
CVE-2026-41302 HIGH - 7.6

OpenClaw before 2026.3.31 contains a server-side request forgery vulnerability in the marketplace plugin download functionality that allows remote attackers to make arbitrary network requests. Attackers can exploit unguarded fetch() calls to access internal resources or interact with external servic...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 21, 2026
Source: NVD
CVE-2026-41301 MEDIUM - 5.3

OpenClaw versions 2026.3.22 before 2026.3.31 contain a signature verification bypass vulnerability in the Nostr DM ingress path that allows pairing challenges to be issued before event signature validation. An unauthenticated remote attacker can send forged direct messages to create pending pairing ...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 21, 2026
Source: NVD
CVE-2026-41300 MEDIUM - 6.5

OpenClaw before 2026.3.31 contains a trust-decline vulnerability that preserves attacker-discovered endpoints in remote onboarding flows. Attackers can route gateway credentials to malicious endpoints by having their discovered URL survive the trust decline process into manual prompts requiring oper...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 21, 2026
Source: NVD
CVE-2026-41299 HIGH - 7.1

OpenClaw before 2026.3.28 contains an authorization bypass vulnerability in the chat.send gateway method where ACP-only provenance fields are gated by self-declared client metadata from WebSocket handshake rather than verified authorization state. Authenticated operator clients can spoof ACP identit...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 21, 2026
Source: NVD
CVE-2026-41298 MEDIUM - 5.4

OpenClaw before 2026.4.2 fails to enforce write scopes on the POST /sessions/:sessionKey/kill endpoint in identity-bearing HTTP modes. Read-scoped callers can terminate running subagent sessions by sending requests to this endpoint, bypassing authorization controls.

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 21, 2026
Source: NVD
CVE-2026-41297 HIGH - 7.6

OpenClaw before 2026.3.31 contains a server-side request forgery vulnerability in the marketplace plugin download functionality that allows attackers to access internal resources by following unvalidated redirects. The marketplace.ts module fails to restrict redirect destinations during archive down...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 21, 2026
Source: NVD
CVE-2026-41296 HIGH - 8.2

OpenClaw before 2026.3.31 contains a time-of-check-time-of-use race condition in the remote filesystem bridge readFile function that allows sandbox escape. Attackers can exploit the separate path validation and file read operations to bypass sandbox restrictions and read arbitrary files.

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 21, 2026
Source: NVD
CVE-2026-41295 HIGH - 7.8

OpenClaw before 2026.4.2 contains an improper trust boundary vulnerability allowing untrusted workspace channel shadows to execute during built-in channel setup and login. Attackers can clone a workspace with a malicious plugin claiming a bundled channel id to achieve unintended in-process code exec...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 21, 2026
Source: NVD
CVE-2026-41294 HIGH - 8.6

OpenClaw before 2026.3.28 loads the current working directory .env file before trusted state-dir configuration, allowing environment variable injection. Attackers can place a malicious .env file in a repository or workspace to override runtime configuration and security-sensitive environment setting...

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 21, 2026
Source: NVD
CVE-2026-41285 MEDIUM - 4.3

In OpenBSD through 7.8, the slaacd and rad daemons have an infinite loop when they receive a crafted ICMPv6 Neighbor Discovery (ND) option (over a local network) with length zero, because of an "nd_opt_len * 8 - 2" expression with no preceding check for whether nd_opt_len is zero.

Vendor: OpenBSD
Product: OpenBSD
Published: Apr 21, 2026
Source: NVD
CVE-2026-40045 MEDIUM - 5.7

OpenClaw before 2026.4.2 accepts non-loopback cleartext ws:// gateway endpoints and transmits stored gateway credentials over unencrypted connections. Attackers can forge discovery results or craft setup codes to redirect clients to malicious endpoints, disclosing plaintext gateway credentials.

Vendor: OpenClaw
Product: OpenClaw
Published: Apr 21, 2026
Source: NVD
CVE-2026-35588 MEDIUM - 6.3

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, the Cassandra export module (`glances/exports/glances_cassandra/__init__.py`) interpolates `keyspace`, `table`, and `replication_factor` configuration values directly into CQL statements without validation. A us...

Vendor: nicolargo
Product: glances
Published: Apr 21, 2026
Source: NVD
CVE-2026-35587 HIGH - 8.8

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, a Server-Side Request Forgery (SSRF) vulnerability exists in the Glances IP plugin due to improper validation of the public_api configuration parameter. The value of public_api is used directly in outbound HTTP ...

Vendor: nicolargo
Product: glances
Published: Apr 21, 2026
Source: NVD
CVE-2026-35570 HIGH - 8.4

OpenClaude is an open-source coding-agent command line interface for cloud and local model providers. Versions prior to 0.5.1 have a logic flaw in `bashToolHasPermission()` inside `src/tools/BashTool/bashPermissions.ts`. When the sandbox auto-allow feature is active and no explicit deny rule is conf...

Vendor: Gitlawb
Product: openclaude
Published: Apr 21, 2026
Source: NVD
CVE-2026-34839 HIGH - 6.5

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, the Glances web server exposes a REST API (`/api/4/*`) that is accessible without authentication and allows cross-origin requests from any origin due to a permissive CORS policy (`Access-Control-Allow-Origin: *`...

Vendor: nicolargo
Product: glances
Published: Apr 21, 2026
Source: NVD
CVE-2026-5721 MEDIUM - 4.7

The wpDataTables โ€“ WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 6.5.0.4. This is due to insufficient input sanitization and output escaping in the prepareCellOutput() method of t...

Published: Apr 20, 2026
Source: NVD
CVE-2026-34082 MEDIUM - 4.3

Dify is an open-source LLM app development platform. Prior to 1.13.1, the method `DELETE /console/api/installed-apps/<appId>/conversations/<conversationId>` has poor authorization checking and allows any Dify-authenticated user to delete someone else's chat history. Version 1.13.1 p...

Vendor: langgenius
Product: dify
Published: Apr 20, 2026
Source: NVD
CVE-2026-6729 MEDIUM - 6.3

HKUDS OpenHarness prior to PR #159 remediation contains a session key derivation vulnerability that allows authenticated participants in shared chats or threads to hijack other users' sessions by exploiting a shared ohmo session key that lacks sender identity verification. Attackers can reuse a...

Vendor: hkuds
Product: openharness
Published: Apr 20, 2026
Source: NVD
CVE-2026-29643 HIGH - 7.1

XiangShan (Open-source high-performance RISC-V processor) commit edb1dfaf7d290ae99724594507dc46c2c2125384 (2024-11-28) contains an improper exceptional-condition handling flaw in its CSR subsystem (NewCSR). On affected versions, certain sequences of CSR operations targeting non-existent/custom CSR a...

Published: Apr 20, 2026
Source: NVD

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9.0.13 and 12.0.0.6 are susceptible to a Information Disclosure vulnerability. Successful exploit could allow an authenticated attacker with low privileges to run arbitrary metrics queries, revealing metric results that they do not hav...

Vendor: NETAPP
Product: StorageGRID (formerly StorageGRID Webscale)
Published: Apr 20, 2026
Source: NVD