๐จ CVE-2026-53814
OpenClaw before 2026.5.20 contains a privilege escalation vulnerability where hook-triggered agent runs incorrectly receive owner-scoped MCP loopback authority instead of hook-appropriate scope. Attackers with a valid hook token can exploit the /hooks/agent endpoint to cause spawned CLI runtimes to access or invoke owner-only MCP tools, potentially executing privileged actions like persistent cron state modifications.
๐@cveNotify
OpenClaw before 2026.5.20 contains a privilege escalation vulnerability where hook-triggered agent runs incorrectly receive owner-scoped MCP loopback authority instead of hook-appropriate scope. Attackers with a valid hook token can exploit the /hooks/agent endpoint to cause spawned CLI runtimes to access or invoke owner-only MCP tools, potentially executing privileged actions like persistent cron state modifications.
๐@cveNotify
GitHub
Hook-triggered CLI runs could receive owner MCP tool authority
### Summary
OpenClaw hook ingress can start automated agent runs using a configured hook token. In affected releases, a hook-triggered run could select a bundled CLI backend that received owner-sc...
OpenClaw hook ingress can start automated agent runs using a configured hook token. In affected releases, a hook-triggered run could select a bundled CLI backend that received owner-sc...
๐จ CVE-2026-33590
Insecure default settings of Portainer CE grant regular (non-admin) users privileges that allow host filesystem access and host-level code execution. An authenticated non-administrative user with endpoint access can exploit these settings to read host files or obtain root equivalent
access on the host.
๐@cveNotify
Insecure default settings of Portainer CE grant regular (non-admin) users privileges that allow host filesystem access and host-level code execution. An authenticated non-administrative user with endpoint access can exploit these settings to read host files or obtain root equivalent
access on the host.
๐@cveNotify
GitHub
fix(swarm): fix environment security checks BE-12541 (#1666) ยท portainer/portainer@3e2fdb1
Making Docker and Kubernetes management easy. Contribute to portainer/portainer development by creating an account on GitHub.
โค1
๐จ CVE-2026-45467
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
๐@cveNotify
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
๐@cveNotify
๐จ CVE-2026-45481
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
๐@cveNotify
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
๐@cveNotify
๐จ CVE-2026-45418
ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #132, any authenticated user who can upload videos can add multiple subtitles from different files and change their title (English, Spanish...). The POST /actions/subtitle_edit.php request used to change their title includes a number parameter which is vulnerable to SQL Injection. A boolean-based blind SQL injection can be used to exfiltrate sensitive data. This issue has been patched in version 5.5.3 - #132.
๐@cveNotify
ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #132, any authenticated user who can upload videos can add multiple subtitles from different files and change their title (English, Spanish...). The POST /actions/subtitle_edit.php request used to change their title includes a number parameter which is vulnerable to SQL Injection. A boolean-based blind SQL injection can be used to exfiltrate sensitive data. This issue has been patched in version 5.5.3 - #132.
๐@cveNotify
GitHub
Blind SQL Injection in subtitle_edit.php
## Summary
Any authenticated user who can upload videos can add multiple subtitles from different files and change their title (English, Spanish...). The POST `/actions/subtitle_edit.php` reque...
Any authenticated user who can upload videos can add multiple subtitles from different files and change their title (English, Spanish...). The POST `/actions/subtitle_edit.php` reque...
๐จ CVE-2026-47365
Argument injection vulnerability in WordPress Toolkit before 6.11.0 as used in cPanel & WHM, allows remote authenticated users to bypass cross-tenant authorization and execute arbitrary wp-toolkit CLI commands as another account.
๐@cveNotify
Argument injection vulnerability in WordPress Toolkit before 6.11.0 as used in cPanel & WHM, allows remote authenticated users to bypass cross-tenant authorization and execute arbitrary wp-toolkit CLI commands as another account.
๐@cveNotify
cPanel
WP Toolkit CVE-2026-47365
SituationArgument injection vulnerability in WP Toolkit before version 6.11.0 as used in cPanel & WHM, allows remote authenticated users to bypass cross-tenant authorization and execute arbitra...
๐จ CVE-2026-47366
Improper verification of access permissions when modifying permissions through the Administration Control Panel (ACP) allowed an authenticated administrator to grant permissions beyond the level authorized for their account, resulting in privilege escalation within the administrative interface.
๐@cveNotify
Improper verification of access permissions when modifying permissions through the Administration Control Panel (ACP) allowed an authenticated administrator to grant permissions beyond the level authorized for their account, resulting in privilege escalation within the administrative interface.
๐@cveNotify
๐จ CVE-2026-47367
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UID Enterprise Agent to execute a Command Injection on the host device.
๐@cveNotify
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UID Enterprise Agent to execute a Command Injection on the host device.
๐@cveNotify
๐จ CVE-2026-47368
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to obtain data from such UniFi OS devices or instances.
๐@cveNotify
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to obtain data from such UniFi OS devices or instances.
๐@cveNotify
๐จ CVE-2026-47369
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to escalate privileges within such UniFi OS devices or instances.
๐@cveNotify
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to escalate privileges within such UniFi OS devices or instances.
๐@cveNotify
๐จ CVE-2026-47370
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to execute a Command Injection within such UniFi OS devices or instances.
๐@cveNotify
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to execute a Command Injection within such UniFi OS devices or instances.
๐@cveNotify
๐จ CVE-2026-48610
Under certain network configurations, a malicious actor with access to network could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized changes to such UniFi OS devices.
๐@cveNotify
Under certain network configurations, a malicious actor with access to network could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized changes to such UniFi OS devices.
๐@cveNotify
๐จ CVE-2026-44802
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
๐@cveNotify
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
๐@cveNotify
๐จ CVE-2026-44804
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
๐@cveNotify
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
๐@cveNotify
๐จ CVE-2026-44807
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
๐@cveNotify
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
๐@cveNotify
๐จ CVE-2026-44808
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
๐@cveNotify
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
๐@cveNotify
๐จ CVE-2026-44811
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
๐@cveNotify
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
๐@cveNotify
๐จ CVE-2026-44813
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
๐@cveNotify
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
๐@cveNotify
๐จ CVE-2026-44814
Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally.
๐@cveNotify
Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally.
๐@cveNotify
๐จ CVE-2026-48565
Untrusted search path in Windows Narrator Braille allows an authorized attacker to elevate privileges locally.
๐@cveNotify
Untrusted search path in Windows Narrator Braille allows an authorized attacker to elevate privileges locally.
๐@cveNotify
๐จ CVE-2026-48569
Improper input validation in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.
๐@cveNotify
Improper input validation in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.
๐@cveNotify