|
4101
|
7.8 |
HIGH
Local
|
openclaw
|
openclaw
|
OpenClaw before 2026.4.2 contains an improper trust boundary vulnerability allowing untrusted workspace channel shadows to execute during built-in channel setup and login. Attackers can clone a works…
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2026-41295
|
2026-04-28 00:06 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4102
|
8.2 |
HIGH
Network
|
openclaw
|
openclaw
|
OpenClaw before 2026.3.31 contains a time-of-check-time-of-use race condition in the remote filesystem bridge readFile function that allows sandbox escape. Attackers can exploit the separate path val…
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2026-41296
|
2026-04-28 00:06 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4103
|
7.6 |
HIGH
Network
|
openclaw
|
openclaw
|
OpenClaw before 2026.3.31 contains a server-side request forgery vulnerability in the marketplace plugin download functionality that allows attackers to access internal resources by following unvalid…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-41297
|
2026-04-28 00:05 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4104
|
7.5 |
HIGH
Network
|
roxy-wi
|
roxy-wi
|
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the oldconfig parameter in the haproxy_section_save interface has an arbitrary file re…
|
CWE-22
Path Traversal
|
CVE-2026-33077
|
2026-04-28 00:04 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4105
|
9.8 |
CRITICAL
Network
|
roxy-wi
|
roxy-wi
|
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the haproxy_section_save interface presents a vulnerability that could lead to remote …
|
CWE-22
Path Traversal
|
CVE-2026-33076
|
2026-04-28 00:03 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4106
|
5.4 |
MEDIUM
Network
|
gfi
|
helpdesk
|
GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the Troubleshooter module where the subject POST parameter is not sanitized in Controller_Step.InsertSubmit() and Ed…
|
CWE-79
Cross-site Scripting
|
CVE-2026-23756
|
2026-04-28 00:02 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4107
|
8.8 |
HIGH
Network
|
actualbudget
|
actual
|
Actual is a local-first personal finance tool. Prior to version 26.4.0, any authenticated user (including `BASIC` role) can escalate to `ADMIN` on servers migrated from password authentication to Ope…
|
CWE-284
CWE-862
Improper Access Control
Missing Authorization
|
CVE-2026-33318
|
2026-04-28 00:01 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4108
|
5.4 |
MEDIUM
Network
|
gfi
|
helpdesk
|
GFI HelpDesk before 4.99.10 contains a stored cross-site scripting vulnerability in the Reports module where the title parameter is passed directly to SWIFT_Report::Create() without HTML sanitization…
|
CWE-79
Cross-site Scripting
|
CVE-2026-23757
|
2026-04-27 23:59 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4109
|
9.8 |
CRITICAL
Network
|
totolink
|
a3300r_firmware
|
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the stunMinAlive parameter to /cgi-bin/cstecgi.cgi.
|
CWE-78
OS Command
|
CVE-2026-31177
|
2026-04-27 23:59 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4110
|
9.8 |
CRITICAL
Network
|
totolink
|
a3300r_firmware
|
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the stunMaxAlive parameter to /cgi-bin/cstecgi.cgi.
|
CWE-78
OS Command
|
CVE-2026-31178
|
2026-04-27 23:58 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
