Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-34302 Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Workflow Loader). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows ... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-34305 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and 15.1.1.0.0.... | 7.5 | HIGH | — | 0 |
| CVE-2026-34309 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Security). Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows ... | 8.1 | HIGH | — | 0 |
| CVE-2026-34310 Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform). Supported versions that are affected are... | 7.5 | HIGH | — | 0 |
| CVE-2026-22746 Vulnerability in Spring Spring Security. If an application is using the UserDetails#isEnabled, #isAccountNonExpired, or #isAccountNonLocked user attributes, to enable, expire, or lock users, then DaoA... | 3.7 | LOW | — | 0 |
| CVE-2026-22747 Vulnerability in Spring Spring Security. SubjectX500PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the userna... | 6.8 | MEDIUM | — | 0 |
| CVE-2026-22748 Vulnerability in Spring Spring Security. When an application configures JWT decoding with NimbusJwtDecoder or NimbusReactiveJwtDecoder, it must configure an OAuth2TokenValidator<Jwt> separately, for ... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-22753 Vulnerability in Spring Spring Security. If an application is using securityMatchers(String) and a PathPatternRequestMatcher.Builder bean to prepend a servlet path, matching requests to that filter ch... | 7.5 | HIGH | — | 0 |
| CVE-2026-22754 Vulnerability in Spring Spring Security. If an application uses <sec:intercept-url servlet-path="/servlet-path" pattern="/endpoint/**"/> to define the servlet path for computing a path matcher, then t... | 7.5 | HIGH | — | 0 |
| CVE-2026-40882 OpenRemote is an open-source internet-of-things platform. Prior to version 1.22.0, the Velbus asset import path parses attacker-controlled XML without explicit XXE hardening. An authenticated user who... | 7.6 | HIGH | — | 0 |
| CVE-2026-41166 OpenRemote is an open-source internet-of-things platform. Prior to version 1.22.1, a user who has `write:admin` in one Keycloak realm can call the Manager API to update Keycloak realm roles for users ... | 7.0 | HIGH | — | 0 |
| CVE-2026-24303 Improper access control in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network. | 9.6 | CRITICAL | — | 0 |
| CVE-2026-26150 Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized attacker to elevate privileges over a network. | 8.6 | HIGH | — | 0 |
| CVE-2026-2708 A request smuggling vulnerability exists in libsoup's HTTP/1 header parsing logic. The soup_message_headers_append_common() function in libsoup/soup-message-headers.c unconditionally appends each head... | 3.7 | LOW | — | 0 |
| CVE-2026-32172 Uncontrolled search path element in Microsoft Power Apps allows an unauthorized attacker to execute code over a network. | 8.0 | HIGH | — | 0 |
| CVE-2026-33102 Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network. | 9.3 | CRITICAL | — | 0 |
| CVE-2026-33819 Deserialization of untrusted data in Microsoft Bing allows an unauthorized attacker to execute code over a network. | 10.0 | CRITICAL | — | 0 |
| CVE-2026-35431 Server-side request forgery (ssrf) in Microsoft Entra ID Entitlement Management allows an unauthorized attacker to perform spoofing over a network. | 10.0 | CRITICAL | — | 0 |
| CVE-2026-41332 OpenClaw before 2026.3.28 contains an environment variable sanitization vulnerability where GIT_TEMPLATE_DIR and AWS_CONFIG_FILE are not blocked in the host-env blocklist. Attackers can exploit approv... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-41333 OpenClaw before 2026.3.31 contains an authentication rate limiting bypass vulnerability that allows attackers to circumvent shared authentication protections using fake device tokens. Attackers can ex... | 3.7 | LOW | — | 0 |
| CVE-2026-41334 OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that fails to properly enforce pixel-limit guards on sips. Attackers can exploit this by uploading oversized i... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-41335 OpenClaw before 2026.3.31 contains an information disclosure vulnerability in the Control Interface bootstrap JSON that exposes version and assistant agent identifiers. Attackers can extract sensitive... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-41336 OpenClaw before 2026.3.31 allows workspace .env files to override the OPENCLAW_BUNDLED_HOOKS_DIR environment variable, enabling loading of attacker-controlled hook code. Attackers can replace trusted ... | 7.8 | HIGH | — | 0 |
| CVE-2026-41337 OpenClaw before 2026.3.31 contains a callback origin mutation vulnerability in Plivo voice-call replay that allows attackers to mutate in-process callback origin before replay rejection. Attackers wit... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-41338 OpenClaw before 2026.3.31 contains a time-of-check-time-of-use vulnerability in sandbox file operations that allows attackers to bypass fd-based defenses. Attackers can exploit check-then-act patterns... | 5.0 | MEDIUM | — | 0 |
| CVE-2026-41339 OpenClaw before 2026.4.2 exposes configPath and stateDir metadata in Gateway connect success snapshots to non-admin authenticated clients. Non-admin clients can recover host-specific filesystem paths ... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-41340 OpenClaw before 2026.3.31 contains an authentication boundary vulnerability where Telegram legacy allowFrom migration incorrectly fans default-account trust into all named accounts. Attackers can expl... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-41341 OpenClaw before 2026.3.31 contains a logic error in Discord component interaction routing that misclassifies group direct messages as direct messages in extensions/discord/src/monitor/agent-components... | 5.4 | MEDIUM | — | 0 |
| CVE-2026-41342 OpenClaw before 2026.3.28 contains an authentication bypass vulnerability in the remote onboarding component that persists unauthenticated discovery endpoints without explicit trust confirmation. Atta... | 7.3 | HIGH | — | 0 |
| CVE-2026-41343 OpenClaw before 2026.3.31 lacks a shared pre-auth concurrency budget on the public LINE webhook path, allowing attackers to cause transient availability loss. Remote attackers can flood the webhook en... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-41344 OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the chat.send endpoint that allows write-scoped gateway callers to persist admin-only verboseLevel session overrides. Attacke... | 5.4 | MEDIUM | — | 0 |
| CVE-2026-41345 OpenClaw before 2026.3.31 contains a credential exposure vulnerability in media download functionality that forwards Authorization headers across cross-origin redirects. Attackers can exploit this by ... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-41346 OpenClaw 2026.2.26 before 2026.3.31 enforces pending pairing-request caps per channel file instead of per account, allowing attackers to exhaust the shared pending window. Remote attackers can submit ... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-41347 OpenClaw before 2026.3.31 lacks browser-origin validation in HTTP operator endpoints when operating in trusted-proxy mode, allowing cross-site request forgery attacks. Attackers can exploit this by se... | 7.1 | HIGH | — | 0 |
| CVE-2026-41348 OpenClaw before 2026.3.31 contains an authorization bypass vulnerability in Discord slash command and autocomplete paths that fail to enforce group DM channel allowlist restrictions. Authorized Discor... | 5.4 | MEDIUM | — | 0 |
| CVE-2026-41349 OpenClaw before 2026.3.28 contains an agentic consent bypass vulnerability allowing LLM agents to silently disable execution approval via config.patch parameter. Remote attackers can exploit this to b... | 8.8 | HIGH | — | 0 |
| CVE-2026-41350 OpenClaw before 2026.3.31 contains a session visibility bypass vulnerability where the session_status function fails to enforce configured tools.sessions.visibility restrictions for unsandboxed invoca... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-41351 OpenClaw before 2026.3.31 contains a replay detection bypass vulnerability in webhook signature handling that treats Base64 and Base64URL encoded signatures as distinct requests. Attackers can re-enco... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-41352 OpenClaw before 2026.3.31 contains a remote code execution vulnerability where a device-paired node can bypass the node scope gate authentication mechanism. Attackers with device pairing credentials c... | 8.8 | HIGH | — | 0 |
| CVE-2026-41353 OpenClaw before 2026.3.22 contains an access control bypass vulnerability in the allowProfiles feature that allows attackers to circumvent profile restrictions through persistent profile mutation and ... | 8.1 | HIGH | — | 0 |
| CVE-2026-41354 OpenClaw before 2026.4.2 contains an insufficient scope vulnerability in Zalo webhook replay dedupe keys that allows legitimate events from different conversations or senders to collide. Attackers can... | 3.7 | LOW | — | 0 |
| CVE-2026-41355 OpenShell before 2026.3.28 contains an arbitrary code execution vulnerability in mirror mode that converts untrusted sandbox files into workspace hooks. Attackers with mirror mode access can execute a... | 7.3 | HIGH | — | 0 |
| CVE-2026-41356 OpenClaw before 2026.3.31 fails to terminate active WebSocket sessions when rotating device tokens. Attackers with previously compromised credentials can maintain unauthorized access through existing ... | 5.4 | MEDIUM | — | 0 |
| CVE-2026-41357 OpenClaw before 2026.3.31 contains an environment variable leakage vulnerability in SSH-based sandbox backends that pass unsanitized process.env to child processes. Attackers can exploit this by lever... | 3.3 | LOW | — | 0 |
| CVE-2026-41358 OpenClaw before 2026.4.2 fails to filter Slack thread context by sender allowlist, allowing non-allowlisted messages to enter agent context. Attackers can inject unauthorized thread messages through a... | 5.4 | MEDIUM | — | 0 |
| CVE-2026-41359 OpenClaw before 2026.3.28 contains a privilege escalation vulnerability allowing authenticated operators with write permissions to access admin-class Telegram configuration and cron persistence settin... | 7.1 | HIGH | — | 0 |
| CVE-2026-41360 OpenClaw before 2026.4.2 contains an approval integrity vulnerability in pnpm dlx that fails to bind local script operands consistently with pnpm exec flows. Attackers can replace approved local scrip... | 6.7 | MEDIUM | — | 0 |
| CVE-2026-41361 OpenClaw before 2026.3.28 contains an SSRF guard bypass vulnerability that fails to block four IPv6 special-use ranges. Attackers can exploit this by crafting URLs targeting internal or non-routable I... | 7.1 | HIGH | — | 0 |
| CVE-2026-6732 A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that includes an internal entity reference. An atta... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-7343 HiSecOS web server versions 05.0.00 to 08.3.01 prior to 08.3.02 contains a privilege escalation vulnerability that allows authenticated users with operator or auditor roles to escalate privileges to t... | 7.8 | HIGH | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.