CVEReports

Automated vulnerability intelligence platform. Comprehensive reports for high-severity CVEs generated by AI.

© 2026 CVEReports. All rights reserved.

Made with love by Amit Schendel & Alon Barad

CVE-2026-33045 • severity 7.3 • published 15 minutes ago

CVE-2026-33045: Stored Cross-Site Scripting in Home Assistant History-Graph Card

A Stored Cross-Site Scripting (XSS) vulnerability exists in the Home Assistant frontend, specifically within the History-graph card component. The flaw allows authenticated users with low privileges or malicious third-party integrations to inject arbitrary JavaScript via unescaped entity names. This script executes when a victim hovers over the associated graph, potentially leading to full account takeover.

Author: Alon Barad
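The entry above describes the classic shape of a stored XSS: an attacker-controlled string (here an entity's friendly name, which an integration can set freely) is interpolated into markup that a tooltip later assigns to innerHTML. The following added example is not Home Assistant code; it contrasts a renderer that interpolates the name raw with one that HTML-escapes every untrusted field first. The `friendly_name` attribute name and the tooltip markup are assumptions for illustration, and the hostile entity is constructed.

```javascript
// Added example (not Home Assistant code): an entity name flows into a tooltip
// built from markup. The first renderer interpolates it raw; the second escapes it.
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);
}

// Vulnerable: friendly_name comes from whichever integration created the entity,
// so any markup it contains is parsed as soon as this string is assigned to innerHTML.
function renderTooltipVulnerable(entity) {
  return `<div class="tooltip"><b>${entity.friendly_name}</b>: ${entity.state}</div>`;
}

// Hardened: every untrusted field is escaped, so the name is displayed as text.
function renderTooltipSafe(entity) {
  return `<div class="tooltip"><b>${escapeHtml(entity.friendly_name)}</b>: ${escapeHtml(entity.state)}</div>`;
}

// Rough detector used for checking the two renderers: is a live tag still present?
function containsExecutableMarkup(html) {
  return /<(img|script|svg|iframe)\b/i.test(html);
}

// Constructed sample: an entity whose name was set by a hostile integration.
const hostileEntity = {
  entity_id: "sensor.living_room",
  friendly_name: 'Living Room<img src=x onerror="alert(document.cookie)">',
  state: "23.5",
};
```

Template systems such as Lit, which the Home Assistant frontend is built with, escape a plain `${value}` binding automatically; the risk arises wherever a string is handed to `unsafeHTML()`, to `innerHTML`, or to a third-party tooltip or chart library that sets innerHTML itself. The practical check is to grep the component for those sinks and confirm that nothing entity-controlled (names, icons, attribute values) reaches them unescaped.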
CVE-2026-33433 • severity 5.1 • published about 2 hours ago

CVE-2026-33433: Authentication Spoofing via Header Canonicalization Bypass in Traefik Middlewares

Traefik versions prior to 2.11.42, 3.6.12, and 3.7.0-ea.3 contain a vulnerability in the BasicAuth and DigestAuth middlewares. When the middleware's headerField option is set to a non-canonical header name, an attacker holding valid low-privileged credentials can inject the same header under its canonical spelling, bypassing the middleware's identity handling and spoofing their identity to backend services.

Author: Amit Schendel
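The bug class in the entry above is a canonicalization mismatch: Go's `http.Header` is a plain map, and its `Get`, `Set` and `Del` methods canonicalize the key (`X-WebAuth-User` becomes `X-Webauth-User`) while direct map indexing does not. If a middleware writes the identity header under the configured spelling but the backend reads it through the canonicalizing accessor, a client-supplied copy under the canonical spelling wins. The following added example models that mechanism in JavaScript (to keep every example on this page in one language); it is not Traefik's code, and the middleware logic, the `X-WebAuth-User` field name and the request are assumptions constructed for illustration.

```javascript
// Added example (not Traefik's Go code): why a non-canonical headerField lets a
// client smuggle its own identity header past an authentication middleware.

function canonicalMIMEHeaderKey(name) {
  // Mirrors Go's textproto.CanonicalMIMEHeaderKey for ordinary ASCII names:
  // the first letter and each letter after '-' uppercased, the rest lowercased.
  return name
    .split("-")
    .map((part) => (part ? part[0].toUpperCase() + part.slice(1).toLowerCase() : part))
    .join("-");
}

// Model of Go's http.Header: a map keyed by whatever string the caller used.
class Header {
  constructor() { this.map = new Map(); }
  set(name, value) { this.map.set(canonicalMIMEHeaderKey(name), value); } // like http.Header.Set
  get(name) { return this.map.get(canonicalMIMEHeaderKey(name)) ?? ""; }    // like http.Header.Get
  del(name) { this.map.delete(canonicalMIMEHeaderKey(name)); }             // like http.Header.Del
  rawSet(name, value) { this.map.set(name, value); }                       // h[name] = ..., no canonicalization
  rawDel(name) { this.map.delete(name); }                                  // delete(h, name)
}

// Assumed middleware configuration: the operator typed the field in non-canonical form.
const HEADER_FIELD = "X-WebAuth-User";

// Constructed request: a low-privileged client with valid credentials that also
// sends the identity header. The server parser canonicalizes incoming names, so it
// lands under "X-Webauth-User" whatever spelling the client used on the wire.
function attackerRequest() {
  const h = new Header();
  h.set("Authorization", "Basic YWxpY2U6cGFzc3dvcmQ="); // alice:password, verified by the middleware
  h.set(HEADER_FIELD, "admin");
  return h;
}

// Vulnerable: indexes the map with the configured string exactly as written.
function vulnerableMiddleware(h, authenticatedUser) {
  h.rawDel(HEADER_FIELD);                    // deletes nothing: no key spelled this way
  h.rawSet(HEADER_FIELD, authenticatedUser); // adds "X-WebAuth-User"; "X-Webauth-User": "admin" survives
}

// Fixed: goes through the canonicalizing accessors, so the attacker's copy is overwritten.
function fixedMiddleware(h, authenticatedUser) {
  h.del(HEADER_FIELD);
  h.set(HEADER_FIELD, authenticatedUser);
}

// The backend reads the header the normal way, which canonicalizes the key.
function backendIdentity(h) {
  return h.get(HEADER_FIELD);
}

function identitySeenByBackend(middleware) {
  const h = attackerRequest();
  middleware(h, "alice"); // credentials already checked: the caller really is alice
  return backendIdentity(h);
}
```

Two checks follow from this. On the configuration side, compare every `headerField` value against its canonical form and flag the ones that differ. On the backend side, never trust an identity header that did not pass through a component which unconditionally overwrites (not merely sets) it on every request.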
GHSA-H8R8-WCCR-V5F2 • severity 6.5 • published about 3 hours ago

GHSA-H8R8-WCCR-V5F2: Mutation-XSS via Re-Contextualization in DOMPurify

DOMPurify versions prior to 3.3.2 are susceptible to a Mutation Cross-Site Scripting (mXSS) vulnerability. Browsers parse certain raw-text and RCDATA elements differently depending on the context the markup is placed in, so output that DOMPurify judged safe in one context can re-parse into executable markup when inserted in another, letting attackers bypass sanitization.

Author: Amit Schendel
CVE-2026-29905 • severity 6.5 • published about 5 hours ago

CVE-2026-29905: Persistent Denial of Service via Malformed Image Upload in Kirby CMS

Kirby CMS through version 5.1.4 contains a persistent Denial of Service (DoS) vulnerability triggered by malformed image uploads. The application does not check the return value of PHP's getimagesize(), which returns false for a file it cannot parse, so a malformed upload produces a fatal TypeError that leaves the affected administrative or frontend pages inaccessible until the file is removed by hand.

Author: Amit Schendel
GHSA-MVM6-F9R3-FGFX • severity 9.3 • published about 6 hours ago

GHSA-mvm6-f9r3-fgfx: JSON Policy Injection in AWS SDK for .NET CloudFront Signers

The AWS SDK for .NET contains a vulnerability in its CloudFront signing utilities where improper escaping of special characters permits JSON policy injection. Attackers who can control input passed to the signing methods can alter the generated CloudFront custom policy, allowing them to bypass access restrictions and access private resources.

Author: Amit Schendel
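The entry above is an injection into a signed document: if the policy is assembled by concatenating strings, a value containing a quote can close the Resource field and append a second statement, and the signer then signs the attacker's policy. The following added example is not the AWS SDK's code (it is JavaScript rather than .NET so that every example on this page shares one language); it builds a CloudFront custom policy both ways and shows the injected statement surviving concatenation but not serialization. The distribution hostname and the injected resource value are constructed for illustration.

```javascript
// Added example (not the AWS SDK for .NET's code): a CloudFront custom policy
// assembled by string concatenation vs. serialized from a structured value.
// The policy shape follows CloudFront's documented custom-policy format.

function buildPolicyVulnerable(resourceUrl, expiresEpoch) {
  return (
    '{"Statement":[{"Resource":"' + resourceUrl +
    '","Condition":{"DateLessThan":{"AWS:EpochTime":' + expiresEpoch + "}}}]}"
  );
}

function buildPolicySafe(resourceUrl, expiresEpoch) {
  // The serializer escapes quotes and backslashes, so the value stays one string.
  return JSON.stringify({
    Statement: [
      { Resource: resourceUrl, Condition: { DateLessThan: { "AWS:EpochTime": expiresEpoch } } },
    ],
  });
}

// Defense in depth (assumption: this signer serves exactly one distribution):
// reject anything that is not a plain https URL under that host before signing.
const ALLOWED_HOST = "d111111abcdef8.cloudfront.net";
function buildPolicyStrict(resourceUrl, expiresEpoch) {
  let u;
  try { u = new URL(resourceUrl); } catch { throw new Error("resource is not a valid URL"); }
  if (u.protocol !== "https:" || u.hostname !== ALLOWED_HOST) {
    throw new Error("resource outside the allowed distribution");
  }
  if (/[\s"\\]/.test(resourceUrl)) throw new Error("resource contains characters not expected in a URL");
  return buildPolicySafe(resourceUrl, expiresEpoch);
}

// Constructed attacker input: closes the Resource string, finishes the first
// statement, and opens a second one covering the whole private prefix.
const INJECTED_RESOURCE =
  "https://" + ALLOWED_HOST + "/public/report.pdf" +
  '","Condition":{"DateLessThan":{"AWS:EpochTime":9999999999}}},' +
  '{"Resource":"https://' + ALLOWED_HOST + "/private/*";

// What CloudFront would see: the list of resources the signed policy grants.
function resourcesGranted(policyJson) {
  return JSON.parse(policyJson).Statement.map((s) => s.Resource);
}
```

The same rule applies in any language: a policy, token or query that will be signed must be produced by a serializer from structured data, never by formatting strings, and the inputs should be validated against the narrowest shape the caller actually needs before they reach the signer.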
CVE-2026-4926 • severity 7.5 • published about 14 hours ago

CVE-2026-4926: Regular Expression Denial of Service in pillarjs path-to-regexp

The path-to-regexp library versions 8.0.0 through 8.3.0 suffer from a high-severity Regular Expression Denial of Service (ReDoS) vulnerability. This flaw stems from an exponential combinatorial explosion when parsing sequential optional groups, leading to severe CPU and memory exhaustion.

Author: Amit Schendel
CVE-2026-4923 • severity 5.9 • published about 15 hours ago

CVE-2026-4923: Regular Expression Denial of Service (ReDoS) in path-to-regexp

The path-to-regexp library, commonly utilized by Node.js frameworks like Express.js for routing, contains a Regular Expression Denial of Service (ReDoS) vulnerability in versions 8.0.0 through 8.3.0. The flaw is triggered when processing specific route patterns containing multiple wildcards, leading to CPU exhaustion and application downtime.

Author: Amit Schendel
GHSA-9P93-7J67-5PC2 • severity 6.5 • published about 16 hours ago

GHSA-9P93-7J67-5PC2: Missing Authorization in OpenClaw Gateway Session Termination

The OpenClaw gateway contains an improper authorization vulnerability within its HTTP session termination endpoint. A flaw in scope assignment allows any authenticated user to terminate arbitrary active sessions, resulting in a targeted denial-of-service condition.

Author: Amit Schendel
GHSA-9HJH-FR4F-GXC4 • severity 9.8 • published about 16 hours ago

GHSA-9HJH-FR4F-GXC4: Privilege Escalation via WebSocket Reconnect in OpenClaw Gateway

A critical vulnerability in the OpenClaw gateway allows low-privilege operator identities to silently escalate their privileges to full administrative access. The flaw exists in the WebSocket handshake authorization logic, specifically within the backend reconnect bypass mechanism.

Author: Amit Schendel
GHSA-FQW4-MPH7-2VR8 • severity 9.8 • published about 17 hours ago

GHSA-FQW4-MPH7-2VR8: OpenClaw Gateway Silent Privilege Escalation via Shared-Auth Reconnect

The OpenClaw Gateway Server contains a critical privilege escalation vulnerability in its WebSocket reconnection logic. Devices authenticating via the shared-auth mechanism can silently upgrade restricted permissions to administrative access without user interaction, leading to arbitrary remote code execution on the host node.

Author: Amit Schendel
GHSA-XQ8G-HGH6-87HV • severity 5.3 • published about 17 hours ago

GHSA-xq8g-hgh6-87hv: Missing Rate Limiting in OpenClaw BlueBubbles Webhook Enables Brute-Force Attacks

The OpenClaw package before version 2026.3.25 fails to restrict the rate of incoming authentication attempts on its BlueBubbles webhook endpoint. This lack of rate limiting allows unauthenticated remote attackers to perform high-speed brute-force attacks against the webhook password, potentially resulting in unauthorized message processing and data access.

Author: Amit Schendel
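A webhook guarded by a single shared password needs two things the entry above says were missing or at risk: a comparison that does not leak how many leading bytes matched, and a limit on how many wrong guesses a source may make. The following added example is not OpenClaw's code; it is a minimal handler that returns an HTTP status instead of writing a response, with a fixed-window per-address failure counter. The request shape (`req.ip`, `req.query.password`), the password and the simulated traffic are constructed for illustration.

```javascript
// Added example (not OpenClaw's code): constant-time password check plus a
// per-source limit on failed attempts for a password-protected webhook.

const WEBHOOK_PASSWORD = "example-webhook-password"; // constructed; load from config in practice

// Compares every byte rather than stopping at the first mismatch. In Node,
// prefer crypto.timingSafeEqual; this version avoids the import so the block
// runs anywhere TextEncoder exists.
function constantTimeEqual(a, b) {
  const x = new TextEncoder().encode(String(a));
  const y = new TextEncoder().encode(String(b));
  let diff = x.length ^ y.length;
  const n = Math.max(x.length, y.length);
  for (let i = 0; i < n; i++) diff |= (x[i] ?? 0) ^ (y[i] ?? 0);
  return diff === 0;
}

// Fixed-window counter of failed attempts per key. `maxFailures` wrong guesses
// within `windowMs` lock the key out until the window rolls over.
class FailureLimiter {
  constructor(maxFailures, windowMs) {
    this.maxFailures = maxFailures;
    this.windowMs = windowMs;
    this.windows = new Map(); // key -> { start, failures }
  }
  allowed(key, now) {
    const w = this.windows.get(key);
    if (!w || now - w.start >= this.windowMs) return true;
    return w.failures < this.maxFailures;
  }
  recordFailure(key, now) {
    const w = this.windows.get(key);
    if (!w || now - w.start >= this.windowMs) this.windows.set(key, { start: now, failures: 1 });
    else w.failures += 1;
  }
}

// Returns 429 while the source is locked out, 401 on a wrong password, 200 otherwise.
function makeWebhookHandler(limiter) {
  return function handleWebhook(req, now) {
    if (!limiter.allowed(req.ip, now)) return 429;
    const supplied = req.query.password ?? "";
    if (!constantTimeEqual(supplied, WEBHOOK_PASSWORD)) {
      limiter.recordFailure(req.ip, now);
      return 401;
    }
    return 200; // message accepted for processing
  };
}

// Constructed traffic: `count` guesses from one address, one per millisecond,
// starting at t=1000. Returns how many responses of each status were issued.
function simulateGuesses(limiter, count) {
  const handle = makeWebhookHandler(limiter);
  const counts = { 200: 0, 401: 0, 429: 0 };
  for (let i = 0; i < count; i++) {
    const status = handle({ ip: "203.0.113.7", query: { password: "guess-" + i } }, 1000 + i);
    counts[status] += 1;
  }
  return counts;
}
```

Passing `Infinity` as the failure budget reproduces the unthrottled state the advisory describes: every guess is answered with 401 at whatever rate the attacker can send. A per-address window is the minimum; a deployment behind a proxy must key on the forwarded client address it actually trusts, and a global budget for the endpoint stops an attacker who rotates sources.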
GHSA-9WQX-G2CW-VC7R • severity 5.3 • published about 18 hours ago

GHSA-9WQX-G2CW-VC7R: Authorization Bypass in OpenClaw Matrix Verification Router

The OpenClaw AI assistant contains an authorization bypass vulnerability in its Matrix protocol integration. The application fails to apply Direct Message access policies to specific Matrix Key Verification events, allowing unauthorized users to interact with the bot's verification state.

Author: Alon Barad
Automated vulnerability intelligence. 1,283+ reports.