CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2026-27096 Deserialization of Untrusted Data vulnerability in BuddhaThemes ColorFolio - Freelance Designer WordPress Theme colorfolio allows Object Injection.This issue affects ColorFolio - Freelance Designer Wo... | 8.1 | HIGH | — | 0 |
| CVE-2026-1238 The SlimStat Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'fh' (fingerprint) parameter in all versions up to, and including, 5.3.5 due to insufficient input sani... | 7.2 | HIGH | — | 0 |
| CVE-2026-1276 IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus alter... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-36051 IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 stores potentially sensitive information in configuration files that could be read by a local user. | 6.2 | MEDIUM | — | 0 |
| CVE-2025-15051 IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-13995 IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 could allow an attacker with access to one tenant to access hostname data from another tenant's account. | 5.0 | MEDIUM | — | 0 |
| CVE-2026-32000 OpenClaw versions prior to 2026.2.19 contain a command injection vulnerability in the Lobster extension tool execution that uses Windows shell fallback with shell: true after spawn failures. Attackers... | 7.1 | HIGH | — | 0 |
| CVE-2026-31999 OpenClaw versions 2026.2.26 prior to 2026.3.1 on Windows contain a current working directory injection vulnerability in wrapper resolution for .cmd/.bat files that allows attackers to influence execut... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-31998 OpenClaw versions 2026.2.22 and 2026.2.23 contain an authorization bypass vulnerability in the synology-chat channel plugin where dmPolicy set to allowlist with empty allowedUserIds fails open. Attack... | 8.6 | HIGH | — | 0 |
| CVE-2026-31997 OpenClaw versions prior to 2026.3.1 fail to pin executable identity for non-path-like argv[0] tokens in system.run approvals, allowing post-approval executable rebind attacks. Attackers can modify PAT... | 6.0 | MEDIUM | — | 0 |
| CVE-2026-31996 OpenClaw versions prior to 2026.2.19 tools.exec.safeBins contains an input validation bypass vulnerability that allows attackers to execute unintended filesystem operations through sort output flags o... | 4.4 | MEDIUM | — | 0 |
| CVE-2026-31995 OpenClaw versions 2026.1.21 prior to 2026.2.19 contain a command injection vulnerability in the Lobster extension's Windows shell fallback mechanism that allows attackers to inject arbitrary commands ... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-31994 OpenClaw versions prior to 2026.2.19 contain a local command injection vulnerability in Windows scheduled task script generation due to unsafe handling of cmd metacharacters and expansion-sensitive ch... | 7.1 | HIGH | — | 0 |
| CVE-2026-31993 OpenClaw versions prior to 2026.2.22 contain an allowlist parsing mismatch vulnerability in the macOS companion app that allows authenticated operators to bypass exec approval checks. Attackers with o... | 4.8 | MEDIUM | — | 0 |
| CVE-2026-31992 OpenClaw versions prior to 2026.2.23 contain an allowlist bypass vulnerability in system.run guardrails that allows authenticated operators to execute unintended commands. When /usr/bin/env is allowli... | 7.1 | HIGH | — | 0 |
| CVE-2026-31991 OpenClaw versions prior to 2026.2.26 contain an authorization bypass vulnerability where Signal group allowlist policy incorrectly accepts sender identities from DM pairing-store approvals. Attackers ... | 3.7 | LOW | — | 0 |
| CVE-2026-31990 OpenClaw versions prior to 2026.3.2 contain a vulnerability in the stageSandboxMedia function in which it fails to validate destination symlinks during media staging, allowing writes to follow symlink... | 6.1 | MEDIUM | — | 0 |
| CVE-2026-31989 OpenClaw versions prior to 2026.3.1 contain a server-side request forgery vulnerability in web_search citation redirect resolution that uses a private-network-allowing SSRF policy. An attacker who can... | 7.4 | HIGH | — | 0 |
| CVE-2026-29608 OpenClaw 2026.3.1 contains an approval integrity vulnerability in system.run node-host execution where argv rewriting changes command semantics. Attackers can place malicious local scripts in the work... | 6.7 | MEDIUM | — | 0 |
| CVE-2026-29607 OpenClaw versions prior to 2026.2.22 contain an authorization bypass vulnerability in allow-always wrapper persistence that allows attackers to bypass approval checks by persisting wrapper-level allow... | 6.8 | MEDIUM | — | 0 |
| CVE-2026-28461 OpenClaw versions prior to 2026.3.1 contain an unbounded memory growth vulnerability in the Zalo webhook endpoint that allows unauthenticated attackers to trigger in-memory key accumulation by varying... | 7.5 | HIGH | — | 0 |
| CVE-2026-28460 OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in system.run that allows attackers to execute non-allowlisted commands by splitting command substitution using shell lin... | 7.1 | HIGH | — | 0 |
| CVE-2026-28449 OpenClaw versions prior to 2026.2.25 lack durable replay state for Nextcloud Talk webhook events, allowing valid signed webhook requests to be replayed without suppression. Attackers can capture and r... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-27670 OpenClaw versions prior to 2026.3.2 contain a race condition vulnerability in ZIP extraction that allows local attackers to write files outside the intended destination directory. Attackers can exploi... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-27566 OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in system.run exec analysis that fails to unwrap env and shell-dispatch wrapper chains. Attackers can route execution thr... | 7.1 | HIGH | — | 0 |
| CVE-2026-22176 OpenClaw versions prior to 2026.2.19 contain a command injection vulnerability in Windows Scheduled Task script generation where environment variables are written to gateway.cmd using unquoted set KEY... | 6.1 | MEDIUM | — | 0 |
| CVE-2026-32743 PX4 is an open-source autopilot stack for drones and unmanned vehicles. Versions 1.17.0-rc2 and below are vulnerable to Stack-based Buffer Overflow through the MavlinkLogHandler, and are triggered via... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-32255 Kan is an open-source project management tool. In versions 0.5.4 and below, the /api/download/attatchment endpoint has no authentication and no URL validation. The Attachment Download endpoint accepts... | 8.6 | HIGH | — | 0 |
| CVE-2026-3181 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | NONE | — | 0 |
| CVE-2026-32805 Romeo gives the capability to reach high code coverage of Go ≥1.20 apps by helping to measure code coverage for functional and integration tests within GitHub Actions. Prior to version 0.2.2, the `san... | 7.5 | HIGH | — | 0 |
| CVE-2026-32737 Romeo gives the capability to reach high code coverage of Go ≥1.20 apps by helping to measure code coverage for functional and integration tests within GitHub Actions. Prior to version 0.2.1, due to a... | 10.0 | CRITICAL | — | 0 |
| CVE-2026-32736 The Hytale Modding Wiki is a free service for Hytale mods to host their documentation & wikis. An Insecure Direct Object Reference (IDOR) vulnerability in versions of the wiki prior to 1.0.0 exposes m... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-32735 openapi-to-java-records-mustache-templates allows users to generate Java Records from OpenAPI specifications. Starting in version 5.1.1 and prior to version 5.5.1, the parent POM file of this project ... | N/A | NONE | — | 0 |
| CVE-2026-32731 ApostropheCMS is an open-source content management framework. Prior to version 3.5.3 of `@apostrophecms/import-export`, The `extract()` function in `gzip.js` constructs file-write paths using `fs.crea... | 9.9 | CRITICAL | — | 0 |
| CVE-2026-32730 ApostropheCMS is an open-source content management framework. Prior to version 4.28.0, the bearer token authentication middleware in `@apostrophecms/express/index.js` (lines 386-389) contains an incor... | 8.1 | HIGH | — | 0 |
| CVE-2025-15031 A vulnerability in MLflow's pyfunc extraction process allows for arbitrary file writes due to improper handling of tar archive entries. Specifically, the use of `tarfile.extractall` without path valid... | 9.1 | CRITICAL | — | 0 |
| CVE-2026-4407 Out-of-bounds array write in Xpdf 4.06 and earlier, due to incorrect validation of the "N" field in ICCBased color spaces. | N/A | NONE | — | 0 |
| CVE-2026-33163 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.35 and 8.6.50, when a `Parse.Cloud.afterLiveQueryEvent` trigger is register... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-33042 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.29 and 8.6.49, a user can sign up without providing credentials by sending ... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-32944 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.21 and 8.6.45, an unauthenticated attacker can crash the Parse Server proce... | 7.5 | HIGH | — | 0 |
| CVE-2026-32943 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.28 and 8.6.48, the password reset mechanism does not enforce single-use gua... | 3.1 | LOW | — | 0 |
| CVE-2026-32886 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.24 and 8.6.47, remote clients can crash the Parse Server process by calling... | 7.5 | HIGH | — | 0 |
| CVE-2026-32878 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.20 and 8.6.44, an attacker can bypass the default request keyword denylist ... | 7.5 | HIGH | — | 0 |
| CVE-2026-32770 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.19 and 8.6.43, a remote attacker can crash the Parse Server by subscribing ... | 5.9 | MEDIUM | — | 0 |
| CVE-2026-32742 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.17 and 8.6.42, an authenticated user can overwrite server-generated session... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-32728 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.15 and 8.6.41, an attacker who is allowed to upload files can bypass the fi... | 7.6 | HIGH | — | 0 |
| CVE-2026-32723 SandboxJS is a JavaScript sandboxing library. Prior to 0.8.35, SandboxJS timers have an execution-quota bypass. A global tick state (`currentTicks.current`) is shared between sandboxes. Timer string h... | 4.7 | MEDIUM | — | 0 |
| CVE-2026-32722 Memray is a memory profiler for Python. Prior to Memray 1.19.2, Memray rendered the command line of the tracked process directly into generated HTML reports without escaping. Because there was no esca... | 3.6 | LOW | — | 0 |
| CVE-2026-32703 OpenProject is an open-source, web-based project management software. In versions prior to 16.6.9, 17.0.6, 17.1.3, and 17.2.1, the Repositories module did not properly escape filenames displayed from ... | 9.0 | CRITICAL | — | 0 |
| CVE-2026-32698 OpenProject is an open-source, web-based project management software. Versions prior to 16.6.9, 17.0.6, 17.1.3, and 17.2.1 are vulnerable to an SQL injection attack via a custom field's name. When tha... | 9.1 | CRITICAL | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.