CVE Database

110968+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2026-41393
4.8 MEDIUM

OpenClaw before 2026.3.31 contains a wide-area discovery vulnerability allowing arbitrary tailnet peers to be accepted as DNS authorities. Attackers with same-tailnet position and CA-trusted endpoint …

Apr 28, 2026
CVE-2026-41392
6.7 MEDIUM

OpenClaw before 2026.3.31 contains an exec allowlist bypass vulnerability allowing attackers to inherit allowlist trust via shell init-file wrapper invocations. Attackers can exploit shell options …

Apr 28, 2026
CVE-2026-41391
5.3 MEDIUM

OpenClaw before 2026.3.31 fails to properly sanitize PIP_INDEX_URL and UV_INDEX_URL environment variables in host execution contexts, allowing attackers to redirect Python package-index traffic. Attackers can …

Apr 28, 2026
CVE-2026-41390
7.3 HIGH

OpenClaw before 2026.3.28 contains an exec allowlist bypass vulnerability where allow-always persistence fails to unwrap /usr/bin/script and similar wrappers before storing trust decisions. Attackers can …

Apr 28, 2026
CVE-2026-41388
6.5 MEDIUM

OpenClaw before 2026.3.31 contains a configuration management vulnerability where startup migration treats empty-array settings as missing values. Attackers can restart the application to rehydrate revoked …

Apr 28, 2026
CVE-2026-41387
7.8 HIGH

OpenClaw before 2026.3.22 contains an incomplete host environment variable sanitization vulnerability in host-env-security-policy.json and host-env-security.ts that allows package-manager environment overrides. Attackers can exploit approved exec …

Apr 28, 2026
CVE-2026-41386
9.1 CRITICAL

OpenClaw before 2026.3.22 contains a privilege escalation vulnerability where bootstrap setup codes are not bound to intended device roles and scopes during pairing. Attackers can …

Apr 28, 2026
CVE-2026-41385
6.5 MEDIUM

OpenClaw before 2026.3.31 stores Nostr privateKey as plaintext in configuration, allowing exposure through config.get method calls that bypass redaction mechanisms. Attackers can retrieve unredacted configuration …

Apr 28, 2026
CVE-2026-41384
7.8 HIGH

OpenClaw before 2026.3.24 contains an environment variable injection vulnerability in the CLI backend runner that allows attackers to inject malicious environment variables through workspace configuration. …

Apr 28, 2026
CVE-2026-41383
8.1 HIGH

OpenClaw before 2026.4.2 contains an arbitrary directory deletion vulnerability in mirror mode that allows attackers to delete remote directories by influencing remoteWorkspaceDir and remoteAgentWorkspaceDir configuration …

Apr 28, 2026
CVE-2026-41382
5.4 MEDIUM

OpenClaw before 2026.3.31 contains an authorization bypass vulnerability in Discord voice ingress that allows attackers to bypass channel and member allowlist restrictions. Attackers can exploit …

Apr 28, 2026
CVE-2026-41381
5.4 MEDIUM

OpenClaw before 2026.3.31 contains an access control bypass vulnerability in the Discord voice manager that allows attackers to bypass channel-level member access allowlist restrictions. Attackers …

Apr 28, 2026
CVE-2026-41380
7.3 HIGH

OpenClaw before 2026.3.28 contains an execution approval vulnerability in exec-approvals-allowlist.ts that allows allow-always persistence to trust wrapper carrier executables instead of invoked targets. Attackers can …

Apr 28, 2026
CVE-2026-41379
7.1 HIGH

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability allowing authenticated operators with write permissions to access admin-class Talk Voice configuration persistence. Attackers with operator.write privileges …

Apr 28, 2026
CVE-2026-41378
8.8 HIGH

OpenClaw before 2026.3.31 contains a privilege escalation vulnerability allowing paired nodes with role=node to dispatch node.event agent requests with unrestricted gateway-side tool access. Attackers with …

Apr 28, 2026
CVE-2026-41377
4.6 MEDIUM

OpenClaw before 2026.3.31 contains a fail-open vulnerability in the plugin installation flow where security scan failures do not block installation. Attackers can exploit scan failures …

Apr 28, 2026
CVE-2026-41376
5.4 MEDIUM

OpenClaw before 2026.3.31 contains an allowlist bypass vulnerability in Matrix thread root and reply context handling that fails to properly validate message senders. Attackers can …

Apr 28, 2026
CVE-2026-41375
6.5 MEDIUM

OpenClaw before 2026.3.28 contains an authorization bypass vulnerability in the /phone arm and /phone disarm endpoints that fails to properly enforce operator.admin scope checks for …

Apr 28, 2026
CVE-2026-41374
5.3 MEDIUM

OpenClaw before 2026.3.31 performs Discord audio preflight transcription before validating member authorization, allowing unauthenticated attackers to consume resources. Remote attackers can trigger audio preflight processing …

Apr 28, 2026
CVE-2026-41373
6.1 MEDIUM

OpenClaw before 2026.3.31 contains an incomplete host-env-security-policy.json that fails to restrict compiler binary environment variables, allowing untrusted models to substitute CC, CXX, CARGO_BUILD_RUSTC, and CMAKE_C_COMPILER …

Apr 28, 2026
CVE-2026-3893
9.4 CRITICAL

The Carlson VASCO-B GNSS Receiver lacks an authentication mechanism, allowing an attacker with network access to directly access and modify its configuration and operational functions …

Apr 28, 2026
CVE-2026-38949
8.9 HIGH

Cross-Site Scripting (XSS) vulnerability exists in HTMLy version 3.1.1 in the content creation functionality at the /add/content?type=image endpoint. The application fails to properly sanitize user …

Apr 28, 2026
CVE-2026-24231
6.3 MEDIUM

NVIDIA NemoClaw contains a vulnerability in the validateEndpointUrl() SSRF protection component, where an attacker could cause a server-side request forgery by supplying a crafted endpoint …

Apr 28, 2026
CVE-2026-24222
8.6 HIGH

NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that …

Apr 28, 2026
CVE-2026-24204
6.5 MEDIUM

NVIDIA Flare SDK contains a vulnerability where an Attacker may cause an Improper Input Validation by path traversing. A successful exploit of this vulnerability may …

Apr 28, 2026
CVE-2026-24186
8.8 HIGH

NVIDIA FLARE SDK contains a vulnerability in FOBS, where an attacker may cause deserialization of untrusted data by sending a malicious FOBS- encoded message. A …

Apr 28, 2026
CVE-2026-24178
9.8 CRITICAL

NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled key. A …

Apr 28, 2026
CVE-2026-41873
9.8 CRITICAL

** UNSUPPORTED WHEN ASSIGNED ** Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') vulnerability in Pony Mail leading to admin account takeover. This issue affects …

Apr 28, 2026
CVE-2026-38948
5.4 MEDIUM

Cross-Site Scripting (XSS) vulnerability exists in FUEL CMS v1.5.2 and before within the asset upload functionality. The application fails to properly sanitize uploaded SVG files, …

Apr 28, 2026
CVE-2026-38651
8.2 HIGH

Authentication Bypass vulnerability exists in Netmaker versions prior to 1.5.0. The VerifyHostToken function in logic/jwts.go fails to validate the JWT signature when verifying host tokens. …

Apr 28, 2026
CVE-2025-60889
9.8 CRITICAL

Insecure deserialization of untrusted input in StellarGroup HPX 1.11.0 under certain conditions may allow attackers to execute arbitrary code or other unspecified impacts.

Apr 28, 2026
CVE-2025-60887
5.3 MEDIUM

An issue was discovered in Cista v0.15 and below. Insecure deserialization of untrusted input under certain conditions may lead to leaking of stack/heap addresses which …

Apr 28, 2026
CVE-2026-7324
7.3 HIGH

Memory safety bugs present in Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of …

Apr 28, 2026
CVE-2026-7323
7.3 HIGH

Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with …

Apr 28, 2026
CVE-2026-7322
7.3 HIGH

Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with …

Apr 28, 2026
CVE-2026-7321
9.6 CRITICAL

Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fixed in Firefox 150, Thunderbird 150, Firefox ESR 140.10.1, and …

Apr 28, 2026
CVE-2026-7320
7.5 HIGH

Information disclosure due to incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1, Firefox ESR 115.35.1, Thunderbird …

Apr 28, 2026
CVE-2026-7289
8.8 HIGH

A vulnerability was found in D-Link DIR-825M 1.1.12. This issue affects the function sub_414BA8 of the file /boafrm/formWanConfigSetup. The manipulation of the argument submit-url results …

Apr 28, 2026
CVE-2026-7288
8.8 HIGH

A vulnerability has been found in D-Link DIR-825M 1.1.12. This vulnerability affects the function sub_4151FC of the file /boafrm/formVpnConfigSetup. The manipulation of the argument submit-url …

Apr 28, 2026
CVE-2026-7283
4.7 MEDIUM

A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts the function save_expired of the file /ajax.php?action=save_expired. The manipulation …

Apr 28, 2026
CVE-2026-7282
4.7 MEDIUM

A vulnerability was identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function delete_expired of the file /ajax.php?action=delete_expired. The manipulation of the …

Apr 28, 2026
CVE-2026-40969
3.7 LOW

The raw message of every server-side AuthenticationException is returned to the unauthenticated remote caller in the gRPC status description. This allows an attacker to obtain …

Apr 28, 2026
CVE-2026-40968
4.2 MEDIUM

When an authenticated user is denied access to a gRPC method, their authenticated identity remains bound to the gRPC worker thread and can be inherited …

Apr 28, 2026
CVE-2026-40556

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Apr 28, 2026
CVE-2026-27760
8.1 HIGH

OpenCATS prior to commit 3002a29 contains a PHP code injection vulnerability in the installer AJAX endpoint that allows unauthenticated attackers to execute arbitrary code by …

Apr 28, 2026
CVE-2025-67223
7.5 HIGH

The Aranda File Server (AFS) component in Aranda Software Aranda Service Desk before 8.3.12 stores daily activity logs with predictable names in a publicly accessible …

Apr 28, 2026
CVE-2026-7281
2.4 LOW

A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System 1.0. The impacted element is the function supplier of the file /index.php?page=supplier. Executing a …

Apr 28, 2026
CVE-2026-7272
7.3 HIGH

A flaw has been found in WilliamCloudQi matlab-mcp-server up to ab88f6b9bf5f36f725e8628029f7f6dd0d9913ca. The affected element is the function generate_matlab_code/execute_matlab_code of the file src/index.ts of the component …

Apr 28, 2026
CVE-2026-6706
6.5 MEDIUM

Improper access control in the vault documentation feature in Devolutions Server allows an authenticated attacker to read documentation content from unauthorized vaults via a crafted …

Apr 28, 2026
CVE-2026-5944
8.2 HIGH

An improper access control vulnerability exists in the Cisco Intersight Device Connector for Nutanix Prism Central. The service exposes an API passthrough endpoint on TCP …

Apr 28, 2026

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.