@cvereports

Alon Barad

@cvereports

CVE Reports

Joined January 2026

About

Nothing here yet.

Available for

Nothing here yet.

Alon Barad's blogs

CVE Reportscvereports.hashnode.dev1452 posts

Articles Threads Comments

Recently published

ABAlon Baradcvereports.hashnode.dev

CVE-2026-34605: CVE-2026-34605: Reflected Cross-Site Scripting via SVG Namespace Bypass in SiYuan

11h ago · 2 min read · CVE-2026-34605: Reflected Cross-Site Scripting via SVG Namespace Bypass in SiYuan Vulnerability ID: CVE-2026-34605 CVSS Score: 8.6 Published: 2026-04-01 SiYuan personal knowledge management system versions 3.6.0 through 3.6.1 contain a high-severit...

Join discussion

ABAlon Baradcvereports.hashnode.dev

CVE-2026-33578: CVE-2026-33578: Sender Policy Bypass via Incorrect Authorization in OpenClaw Extensions

11h ago · 2 min read · CVE-2026-33578: Sender Policy Bypass via Incorrect Authorization in OpenClaw Extensions Vulnerability ID: CVE-2026-33578 CVSS Score: 4.3 Published: 2026-04-01 OpenClaw versions prior to 2026.3.28 contain a vulnerability in the googlechat and zalous...

Join discussion

ABAlon Baradcvereports.hashnode.dev

CVE-2026-32734: CVE-2026-32734: DOM-Based Cross-Site Scripting in baserCMS Tag Creation

12h ago · 2 min read · CVE-2026-32734: DOM-Based Cross-Site Scripting in baserCMS Tag Creation Vulnerability ID: CVE-2026-32734 CVSS Score: 7.1 Published: 2026-03-31 baserCMS versions prior to 5.2.3 contain a DOM-based Cross-Site Scripting (XSS) vulnerability within the ...

Join discussion

ABAlon Baradcvereports.hashnode.dev

CVE-2026-21861: CVE-2026-21861: Authenticated OS Command Injection in baserCMS Core Update Feature

13h ago · 2 min read · CVE-2026-21861: Authenticated OS Command Injection in baserCMS Core Update Feature Vulnerability ID: CVE-2026-21861 CVSS Score: 9.1 Published: 2026-03-31 baserCMS versions prior to 5.2.3 are vulnerable to an authenticated OS Command Injection flaw ...

Join discussion

ABAlon Baradcvereports.hashnode.dev

GHSA-39MP-545Q-W789: GHSA-39MP-545Q-W789: Improper Authorization in OpenClaw /send Command

14h ago · 2 min read · GHSA-39MP-545Q-W789: Improper Authorization in OpenClaw /send Command Vulnerability ID: GHSA-39MP-545Q-W789 CVSS Score: 5.4 Published: 2026-03-30 An authorization bypass vulnerability in the OpenClaw personal AI assistant ecosystem allows non-owner...

Join discussion

Alon Barad

About

Available for

Alon Barad's blogs

Recently published

CVE-2026-34605: CVE-2026-34605: Reflected Cross-Site Scripting via SVG Namespace Bypass in SiYuan

CVE-2026-33578: CVE-2026-33578: Sender Policy Bypass via Incorrect Authorization in OpenClaw Extensions

CVE-2026-32734: CVE-2026-32734: DOM-Based Cross-Site Scripting in baserCMS Tag Creation

CVE-2026-21861: CVE-2026-21861: Authenticated OS Command Injection in baserCMS Core Update Feature

GHSA-39MP-545Q-W789: GHSA-39MP-545Q-W789: Improper Authorization in OpenClaw /send Command

Search Hashnode

Alon Barad

About

Available for

Alon Barad's blogs

Recently published

CVE-2026-34605: CVE-2026-34605: Reflected Cross-Site Scripting via SVG Namespace Bypass in SiYuan

CVE-2026-33578: CVE-2026-33578: Sender Policy Bypass via Incorrect Authorization in OpenClaw Extensions

CVE-2026-32734: CVE-2026-32734: DOM-Based Cross-Site Scripting in baserCMS Tag Creation

CVE-2026-21861: CVE-2026-21861: Authenticated OS Command Injection in baserCMS Core Update Feature

GHSA-39MP-545Q-W789: GHSA-39MP-545Q-W789: Improper Authorization in OpenClaw /send Command