CVE Database

110968+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2026-41353
8.1 HIGH

OpenClaw before 2026.3.22 contains an access control bypass vulnerability in the allowProfiles feature that allows attackers to circumvent profile restrictions through persistent profile mutation and …

Apr 23, 2026
CVE-2026-41352
8.8 HIGH

OpenClaw before 2026.3.31 contains a remote code execution vulnerability where a device-paired node can bypass the node scope gate authentication mechanism. Attackers with device pairing …

Apr 23, 2026
CVE-2026-41351
5.3 MEDIUM

OpenClaw before 2026.3.31 contains a replay detection bypass vulnerability in webhook signature handling that treats Base64 and Base64URL encoded signatures as distinct requests. Attackers can …

Apr 23, 2026
CVE-2026-41350
4.3 MEDIUM

OpenClaw before 2026.3.31 contains a session visibility bypass vulnerability where the session_status function fails to enforce configured tools.sessions.visibility restrictions for unsandboxed invocations. Attackers can invoke …

Apr 23, 2026
CVE-2026-41349
8.8 HIGH

OpenClaw before 2026.3.28 contains an agentic consent bypass vulnerability allowing LLM agents to silently disable execution approval via config.patch parameter. Remote attackers can exploit this …

Apr 23, 2026
CVE-2026-41348
5.4 MEDIUM

OpenClaw before 2026.3.31 contains an authorization bypass vulnerability in Discord slash command and autocomplete paths that fail to enforce group DM channel allowlist restrictions. Authorized …

Apr 23, 2026
CVE-2026-41347
7.1 HIGH

OpenClaw before 2026.3.31 lacks browser-origin validation in HTTP operator endpoints when operating in trusted-proxy mode, allowing cross-site request forgery attacks. Attackers can exploit this by …

Apr 23, 2026
CVE-2026-41346
5.3 MEDIUM

OpenClaw 2026.2.26 before 2026.3.31 enforces pending pairing-request caps per channel file instead of per account, allowing attackers to exhaust the shared pending window. Remote attackers …

Apr 23, 2026
CVE-2026-41345
5.3 MEDIUM

OpenClaw before 2026.3.31 contains a credential exposure vulnerability in media download functionality that forwards Authorization headers across cross-origin redirects. Attackers can exploit this by crafting …

Apr 23, 2026
CVE-2026-41344
5.4 MEDIUM

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the chat.send endpoint that allows write-scoped gateway callers to persist admin-only verboseLevel session overrides. Attackers can …

Apr 23, 2026
CVE-2026-41343
5.3 MEDIUM

OpenClaw before 2026.3.31 lacks a shared pre-auth concurrency budget on the public LINE webhook path, allowing attackers to cause transient availability loss. Remote attackers can …

Apr 23, 2026
CVE-2026-41342
7.3 HIGH

OpenClaw before 2026.3.28 contains an authentication bypass vulnerability in the remote onboarding component that persists unauthenticated discovery endpoints without explicit trust confirmation. Attackers can spoof …

Apr 23, 2026
CVE-2026-41341
5.4 MEDIUM

OpenClaw before 2026.3.31 contains a logic error in Discord component interaction routing that misclassifies group direct messages as direct messages in extensions/discord/src/monitor/agent-components-helpers.ts. Attackers can exploit …

Apr 23, 2026
CVE-2026-41340
6.5 MEDIUM

OpenClaw before 2026.3.31 contains an authentication boundary vulnerability where Telegram legacy allowFrom migration incorrectly fans default-account trust into all named accounts. Attackers can exploit this …

Apr 23, 2026
CVE-2026-41339
4.3 MEDIUM

OpenClaw before 2026.4.2 exposes configPath and stateDir metadata in Gateway connect success snapshots to non-admin authenticated clients. Non-admin clients can recover host-specific filesystem paths and …

Apr 23, 2026
CVE-2026-41338
5.0 MEDIUM

OpenClaw before 2026.3.31 contains a time-of-check-time-of-use vulnerability in sandbox file operations that allows attackers to bypass fd-based defenses. Attackers can exploit check-then-act patterns in apply_patch, …

Apr 23, 2026
CVE-2026-41337
5.3 MEDIUM

OpenClaw before 2026.3.31 contains a callback origin mutation vulnerability in Plivo voice-call replay that allows attackers to mutate in-process callback origin before replay rejection. Attackers …

Apr 23, 2026
CVE-2026-41336
7.8 HIGH

OpenClaw before 2026.3.31 allows workspace .env files to override the OPENCLAW_BUNDLED_HOOKS_DIR environment variable, enabling loading of attacker-controlled hook code. Attackers can replace trusted default-on bundled …

Apr 23, 2026
CVE-2026-41335
5.3 MEDIUM

OpenClaw before 2026.3.31 contains an information disclosure vulnerability in the Control Interface bootstrap JSON that exposes version and assistant agent identifiers. Attackers can extract sensitive …

Apr 23, 2026
CVE-2026-41334
6.5 MEDIUM

OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that fails to properly enforce pixel-limit guards on sips. Attackers can exploit this by …

Apr 23, 2026
CVE-2026-41333
3.7 LOW

OpenClaw before 2026.3.31 contains an authentication rate limiting bypass vulnerability that allows attackers to circumvent shared authentication protections using fake device tokens. Attackers can exploit …

Apr 23, 2026
CVE-2026-41332
5.3 MEDIUM

OpenClaw before 2026.3.28 contains an environment variable sanitization vulnerability where GIT_TEMPLATE_DIR and AWS_CONFIG_FILE are not blocked in the host-env blocklist. Attackers can exploit approved exec …

Apr 23, 2026
CVE-2026-41274
9.8 CRITICAL

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the GraphCypherQAChain node forwards user-provided input …

Apr 23, 2026
CVE-2026-35431
10.0 CRITICAL

Server-side request forgery (ssrf) in Microsoft Entra ID Entitlement Management allows an unauthorized attacker to perform spoofing over a network.

Apr 23, 2026
CVE-2026-33819
10.0 CRITICAL

Deserialization of untrusted data in Microsoft Bing allows an unauthorized attacker to execute code over a network.

Apr 23, 2026
CVE-2026-33102
9.3 CRITICAL

Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network.

Apr 23, 2026
CVE-2026-32210
9.3 CRITICAL

Server-side request forgery (ssrf) in Microsoft Dynamics 365 (Online) allows an unauthorized attacker to perform spoofing over a network.

Apr 23, 2026
CVE-2026-32172
8.0 HIGH

Uncontrolled search path element in Microsoft Power Apps allows an unauthorized attacker to execute code over a network.

Apr 23, 2026
CVE-2026-2708
3.7 LOW

A request smuggling vulnerability exists in libsoup's HTTP/1 header parsing logic. The soup_message_headers_append_common() function in libsoup/soup-message-headers.c unconditionally appends each header value without validating for duplicate …

Apr 23, 2026
CVE-2026-26210
9.8 CRITICAL

KTransformers through 0.5.3 contains an unsafe deserialization vulnerability in the balance_serve backend mode where the scheduler RPC server binds a ZMQ ROUTER socket to all …

Apr 23, 2026
CVE-2026-26150
8.6 HIGH

Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized attacker to elevate privileges over a network.

Apr 23, 2026
CVE-2026-24303
9.6 CRITICAL

Improper access control in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network.

Apr 23, 2026
CVE-2026-6942
9.8 CRITICAL

radare2-mcp version 1.6.0 and earlier contains an os command injection vulnerability that allows remote attackers to execute arbitrary commands by bypassing the command filter through …

Apr 23, 2026
CVE-2026-6941
6.6 MEDIUM

radare2 prior to 6.1.4 contains a path traversal vulnerability in its project notes handling that allows attackers to read or write files outside the configured …

Apr 23, 2026
CVE-2026-6940
7.1 HIGH

radare2 prior to 6.1.4 contains a path traversal vulnerability in project deletion that allows local attackers to recursively delete arbitrary directories by supplying absolute paths …

Apr 23, 2026
CVE-2026-6376

A weakness in SpiceJet’s public booking retrieval page permits full passenger booking details to be accessed using only a PNR and last name, with no …

Apr 23, 2026
CVE-2026-6375

A vulnerability in SpiceJet’s booking API allows unauthenticated users to query passenger name records (PNRs) without any access controls. Because PNR identifiers follow a predictable …

Apr 23, 2026
CVE-2026-28525
6.8 MEDIUM

SWUpdate contains an integer underflow vulnerability in the multipart upload parser in mongoose_multipart.c that allows unauthenticated attackers to cause a denial of service by sending …

Apr 23, 2026
CVE-2026-41279
7.5 HIGH

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the text-to-speech generation endpoint (POST /api/v1/text-to-speech/generate) …

Apr 23, 2026
CVE-2026-41278
7.5 HIGH

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the GET /api/v1/public-chatflows/:id endpoint returns the …

Apr 23, 2026
CVE-2026-41277
8.8 HIGH

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Mass Assignment vulnerability in the …

Apr 23, 2026
CVE-2026-41276
9.8 CRITICAL

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, this vulnerability allows remote attackers to …

Apr 23, 2026
CVE-2026-41275
7.5 HIGH

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the password reset functionality on cloud.flowiseai.com …

Apr 23, 2026
CVE-2026-41273
8.2 HIGH

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise contains an authentication bypass vulnerability …

Apr 23, 2026
CVE-2026-41272
7.1 HIGH

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the core security wrappers (secureAxiosRequest and …

Apr 23, 2026
CVE-2026-41271
8.3 HIGH

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Server-Side Request Forgery (SSRF) vulnerability …

Apr 23, 2026
CVE-2026-41270
7.1 HIGH

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Server-Side Request Forgery (SSRF) protection …

Apr 23, 2026
CVE-2026-41269
7.1 HIGH

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the Chatflow configuration file upload settings …

Apr 23, 2026
CVE-2026-41268
9.8 CRITICAL

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise is vulnerable to a critical …

Apr 23, 2026
CVE-2026-41267
8.1 HIGH

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, an improper mass assignment (JSON injection) …

Apr 23, 2026

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.