Tag feed

#vulnerability

1,651 posts31 followers

Trending tags this week

CVE-2026-28490: CVE-2026-28490: Bleichenbacher Padding Oracle in Authlib RSA1_5 JWE Implementation

51m ago · 2 min read · CVE-2026-28490: Bleichenbacher Padding Oracle in Authlib RSA1_5 JWE Implementation Vulnerability ID: CVE-2026-28490 CVSS Score: 8.3 Published: 2026-03-16 Authlib versions prior to 1.6.9 contain a cryptographic padding oracle vulnerability in the JS...

Join discussion

ABAlon Baradcvereports.hashnode.dev

0

CVE-2026-32732: CVE-2026-32732: Cross-Site Scripting (XSS) in @leanprover/unicode-input-component

1h ago · 2 min read · CVE-2026-32732: Cross-Site Scripting (XSS) in @leanprover/unicode-input-component Vulnerability ID: CVE-2026-32732 CVSS Score: 0.0 Published: 2026-03-16 The @leanprover/unicode-input-component npm package, utilized by the Lean 4 VS Code Extension, ...

Join discussion

UBUp2itnow Bill Wilsonai-agent-economy.hashnode.dev

0

CVE-2026-12349: Azure Arc MCP CVSS 9.1 - What Enterprise Teams Need to Know

1d ago · 5 min read · Another week, another MCP vulnerability. This one's worse than the last batch. CVE-2026-12349 hits Azure Arc's MCP server integration with a CVSS score of 9.1. That's critical. If your enterprise runs Azure Arc with MCP-enabled tool invocations - and...

Join discussion

ABAlon Baradcvereports.hashnode.dev

0

GHSA-7H7G-X2PX-94HJ: GHSA-7H7G-X2PX-94HJ: Credential Exposure in OpenClaw Device Pairing

2d ago · 2 min read · GHSA-7H7G-X2PX-94HJ: Credential Exposure in OpenClaw Device Pairing Vulnerability ID: GHSA-7H7G-X2PX-94HJ CVSS Score: 5.3 Published: 2026-03-13 The OpenClaw personal AI assistant ecosystem suffers from an insufficiently protected credentials vulner...

Join discussion

ABAlon Baradcvereports.hashnode.dev

1

GHSA-VMHQ-CQM9-6P7Q: GHSA-VMHQ-CQM9-6P7Q: Privilege Escalation via Incorrect Authorization in OpenClaw Gateway

2d ago · 2 min read · GHSA-VMHQ-CQM9-6P7Q: Privilege Escalation via Incorrect Authorization in OpenClaw Gateway Vulnerability ID: GHSA-VMHQ-CQM9-6P7Q CVSS Score: 7.1 Published: 2026-03-13 A high-severity authorization bypass vulnerability exists in the OpenClaw AI assis...

MMadeline commented

ABAlon Baradcvereports.hashnode.dev

0

GHSA-M69H-JM2F-2PV8: GHSA-m69h-jm2f-2pv8: Authorization Bypass via Insecure Event Resolution in OpenClaw Feishu Extension

2d ago · 2 min read · GHSA-m69h-jm2f-2pv8: Authorization Bypass via Insecure Event Resolution in OpenClaw Feishu Extension Vulnerability ID: GHSA-M69H-JM2F-2PV8 CVSS Score: Moderate Published: 2026-03-13 An authorization bypass vulnerability exists in the Feishu extensi...

Join discussion

ABAlon Baradcvereports.hashnode.dev

0

GHSA-F8R2-VG7X-GH8M: GHSA-f8r2-vg7x-gh8m: Path Overmatching and Command Execution Bypass in OpenClaw

2d ago · 2 min read · GHSA-f8r2-vg7x-gh8m: Path Overmatching and Command Execution Bypass in OpenClaw Vulnerability ID: GHSA-F8R2-VG7X-GH8M CVSS Score: 5.3 Published: 2026-03-13 OpenClaw versions up to 2026.3.8 suffer from an improper input validation vulnerability in t...

Join discussion

ABAlon Baradcvereports.hashnode.dev

0

GHSA-R7VR-GR74-94P8: GHSA-r7vr-gr74-94p8: Improper Authorization and Privilege Escalation in OpenClaw

2d ago · 2 min read · GHSA-r7vr-gr74-94p8: Improper Authorization and Privilege Escalation in OpenClaw Vulnerability ID: GHSA-R7VR-GR74-94P8 CVSS Score: 8.8 Published: 2026-03-13 OpenClaw versions prior to v2026.3.12 contain an improper authorization vulnerability in th...

Join discussion

ABAlon Baradcvereports.hashnode.dev

0

GHSA-99QW-6MR3-36QR: GHSA-99QW-6MR3-36QR: Remote Code Execution via Malicious Workspace Plugins in OpenClaw

2d ago · 2 min read · GHSA-99QW-6MR3-36QR: Remote Code Execution via Malicious Workspace Plugins in OpenClaw Vulnerability ID: GHSA-99QW-6MR3-36QR CVSS Score: 9.6 Published: 2026-03-13 OpenClaw, an open-source AI agent platform, contains a critical vulnerability in its ...

Join discussion

ABAlon Baradcvereports.hashnode.dev

0

GHSA-WCXR-59V9-RXR8: GHSA-WCXR-59V9-RXR8: Sandbox Escape via Improper Authorization in OpenClaw session_status Tool

2d ago · 2 min read · GHSA-WCXR-59V9-RXR8: Sandbox Escape via Improper Authorization in OpenClaw session_status Tool Vulnerability ID: GHSA-WCXR-59V9-RXR8 CVSS Score: 9.9 Published: 2026-03-13 The OpenClaw session_status tool fails to properly validate authorization bou...

Join discussion

#vulnerability

Search Hashnode

#vulnerability

Trending tags this week

CVE-2026-28490: CVE-2026-28490: Bleichenbacher Padding Oracle in Authlib RSA1_5 JWE Implementation

CVE-2026-32732: CVE-2026-32732: Cross-Site Scripting (XSS) in @leanprover/unicode-input-component

CVE-2026-12349: Azure Arc MCP CVSS 9.1 - What Enterprise Teams Need to Know

GHSA-7H7G-X2PX-94HJ: GHSA-7H7G-X2PX-94HJ: Credential Exposure in OpenClaw Device Pairing

GHSA-VMHQ-CQM9-6P7Q: GHSA-VMHQ-CQM9-6P7Q: Privilege Escalation via Incorrect Authorization in OpenClaw Gateway

GHSA-M69H-JM2F-2PV8: GHSA-m69h-jm2f-2pv8: Authorization Bypass via Insecure Event Resolution in OpenClaw Feishu Extension

GHSA-F8R2-VG7X-GH8M: GHSA-f8r2-vg7x-gh8m: Path Overmatching and Command Execution Bypass in OpenClaw

GHSA-R7VR-GR74-94P8: GHSA-r7vr-gr74-94p8: Improper Authorization and Privilege Escalation in OpenClaw

GHSA-99QW-6MR3-36QR: GHSA-99QW-6MR3-36QR: Remote Code Execution via Malicious Workspace Plugins in OpenClaw

GHSA-WCXR-59V9-RXR8: GHSA-WCXR-59V9-RXR8: Sandbox Escape via Improper Authorization in OpenClaw session_status Tool