Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
13087
Total
868
Critical
3778
High
4150
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-5772 | UNKNOWN | — | A 1-byte stack buffer over-read was identified in the MatchDomainName function (src/internal.c) during wildcard hostname validation when the LEFT_MOST_WILDCARD_ONLY flag is active. If a wildcard … | Apr 09, 2026 |
| CVE-2026-5264 | UNKNOWN | — | Heap buffer overflow in DTLS 1.3 ACK message processing. A remote attacker can send a crafted DTLS 1.3 ACK message that triggers a heap buffer … | Apr 09, 2026 |
| CVE-2026-5263 | UNKNOWN | — | URI nameConstraints from constrained intermediate CAs are parsed but not enforced during certificate chain verification in wolfcrypt/src/asn.c. A compromised or malicious sub-CA could issue leaf … | Apr 09, 2026 |
| CVE-2026-40154 | CRITICAL | 9.3 | PraisonAI is a multi-agent teams system. Prior to 4.5.128, PraisonAI treats remotely fetched template files as trusted executable code without integrity verification, origin validation, or … | Apr 09, 2026 |
| CVE-2026-40153 | HIGH | 7.4 | PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, the execute_command function in shell_tools.py calls os.path.expandvars() on every command argument at line 64, manually re-implementing … | Apr 09, 2026 |
| CVE-2026-40152 | MEDIUM | 5.3 | PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, he list_files() tool in FileTools validates the directory parameter against workspace boundaries via _validate_path(), but passes … | Apr 09, 2026 |
| CVE-2026-40151 | MEDIUM | 5.3 | PraisonAI is a multi-agent teams system. Prior to 4.5.128, the AgentOS deployment platform exposes a GET /api/agents endpoint that returns agent names, roles, and the … | Apr 09, 2026 |
| CVE-2026-40150 | HIGH | 7.7 | PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, the web_crawl() function in praisonaiagents/tools/web_crawl_tools.py accepts arbitrary URLs from AI agents with zero validation. No scheme … | Apr 09, 2026 |
| CVE-2026-40149 | HIGH | 7.9 | PraisonAI is a multi-agent teams system. Prior to 4.5.128, the gateway's /api/approval/allow-list endpoint permits unauthenticated modification of the tool approval allowlist when no auth_token is … | Apr 09, 2026 |
| CVE-2026-40148 | MEDIUM | 6.5 | PraisonAI is a multi-agent teams system. Prior to 4.5.128, the _safe_extractall() function in PraisonAI's recipe registry validates archive members against path traversal attacks but performs … | Apr 09, 2026 |
| CVE-2026-40117 | MEDIUM | 6.2 | PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, read_skill_file() in skill_tools.py allows reading arbitrary files from the filesystem by accepting an unrestricted skill_path parameter. … | Apr 09, 2026 |
| CVE-2026-40116 | HIGH | 7.5 | PraisonAI is a multi-agent teams system. Prior to 4.5.128, the /media-stream WebSocket endpoint in PraisonAI's call module accepts connections from any client without authentication or … | Apr 09, 2026 |
| CVE-2026-40115 | MEDIUM | 6.2 | PraisonAI is a multi-agent teams system. Prior to 4.5.128, the WSGI-based recipe registry server (server.py) reads the entire HTTP request body into memory based on … | Apr 09, 2026 |
| CVE-2026-40114 | HIGH | 7.2 | PraisonAI is a multi-agent teams system. Prior to 4.5.128, the /api/v1/runs endpoint accepts an arbitrary webhook_url in the request body with no URL validation. When … | Apr 09, 2026 |
| CVE-2026-40113 | HIGH | 8.4 | PraisonAI is a multi-agent teams system. Prior to 4.5.128, deploy.py constructs a single comma-delimited string for the gcloud run deploy --set-env-vars argument by directly interpolating … | Apr 09, 2026 |
| CVE-2026-40112 | MEDIUM | 5.4 | PraisonAI is a multi-agent teams system. Prior to 4.5.128, the Flask API endpoint in src/praisonai/api.py renders agent output as HTML without effective sanitization. The _sanitize_html … | Apr 09, 2026 |
| CVE-2026-40111 | UNKNOWN | — | PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, he memory hooks executor in praisonaiagents passes a user-controlled command string directly to subprocess.run() with shell=True … | Apr 09, 2026 |
| CVE-2026-39848 | MEDIUM | 6.5 | Dockyard is a Docker container management app. Prior to 1.1.0, Docker container start and stop operations are performed through GET requests without CSRF protection. A … | Apr 09, 2026 |
| CVE-2026-35646 | MEDIUM | 4.8 | OpenClaw before 2026.3.25 contains a pre-authentication rate-limit bypass vulnerability in webhook token validation that allows attackers to brute-force weak webhook secrets. The vulnerability exists because … | Apr 09, 2026 |
| CVE-2026-35645 | HIGH | 8.1 | OpenClaw before 2026.3.25 contains a privilege escalation vulnerability in the gateway plugin subagent fallback deleteSession function that uses a synthetic operator.admin runtime scope. Attackers can … | Apr 09, 2026 |
| CVE-2026-35644 | MEDIUM | 6.5 | OpenClaw before 2026.3.22 contains an information disclosure vulnerability that allows attackers with operator.read scope to expose credentials embedded in channel baseUrl and httpUrl fields. Attackers … | Apr 09, 2026 |
| CVE-2026-35642 | MEDIUM | 4.3 | OpenClaw before 2026.3.25 contains an authorization bypass vulnerability where group reaction events bypass the requireMention access control mechanism. Attackers can trigger reactions in mention-gated groups … | Apr 09, 2026 |
| CVE-2026-35640 | MEDIUM | 5.3 | OpenClaw before 2026.3.25 parses JSON request bodies before validating webhook signatures, allowing unauthenticated attackers to force resource-intensive parsing operations. Remote attackers can send malicious webhook … | Apr 09, 2026 |
| CVE-2026-35639 | HIGH | 8.8 | OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the device.pair.approve method that allows an operator.pairing approver to approve pending device requests with broader operator … | Apr 09, 2026 |
| CVE-2026-35638 | HIGH | 8.8 | OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the Control UI that allows unauthenticated sessions to retain self-declared privileged scopes without device identity verification. … | Apr 09, 2026 |