Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score | Vulnerability | Published

5.3 MEDIUM | CVE-2026-32046 — OpenClaw < 2026.2.21 - OS-level Sandbox Bypass via --no-sandbox Flag | Mar 21, 2026
OpenClaw versions prior to 2026.2.21 contain an improper sandbox configuration vulnerability that allows attackers to execute arbitrary code by exploiting renderer-side vulnerabilities without requir…
Misconfiguration

8.2 HIGH | CVE-2026-32045 — OpenClaw < 2026.2.21 - Authentication Bypass in HTTP Gateway Routes via Tokenless Tailsca… | Mar 21, 2026
OpenClaw versions prior to 2026.2.21 incorrectly apply tokenless Tailscale header authentication to HTTP gateway routes, allowing bypass of token and password requirements. Attackers on trusted netwo…
Remote | Authentication

6.7 MEDIUM | CVE-2026-32044 — OpenClaw < 2026.3.2 - Tar Archive Safety Bypass in Skills Installation | Mar 21, 2026
OpenClaw versions prior to 2026.3.2 contain an archive extraction vulnerability in the tar.bz2 installer path that bypasses safety checks enforced on other archive formats. Attackers can craft malici…
Denial of Service

6.5 MEDIUM | CVE-2026-32043 — OpenClaw < 2026.2.25 - Time-of-Check-Time-of-Use via Mutable Symlink in system.run cwd Pa… | Mar 21, 2026
OpenClaw versions prior to 2026.2.25 contain a time-of-check-time-of-use vulnerability in approval-bound system.run execution where the cwd parameter is validated at approval time but resolved at exe…
Path Traversal

8.8 HIGH | CVE-2026-32042 — OpenClaw < 2026.2.25 - Privilege Escalation via Unpaired Device Identity in Shared Gatewa… | Mar 21, 2026
OpenClaw versions 2026.2.22 prior to 2026.2.25 contain a privilege escalation vulnerability allowing unpaired device identities to bypass operator pairing requirements and self-assign elevated operat…
Remote | Authorization

6.4 MEDIUM | CVE-2026-4083 — Scoreboard for HTML5 Games Lite <= 1.2 - Authenticated (Contributor+) Stored Cross-Site S… | Mar 21, 2026
The Scoreboard for HTML5 Games Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'scoreboard' shortcode in all versions up to, and including, 1.2. The shortcode function …
Remote | Cross-Site Scripting

4.4 MEDIUM | CVE-2026-3577 — Keep Backup Daily <= 2.1.2 - Authenticated (Admin+) Stored Cross-Site Scripting via Backu… | Mar 21, 2026
The Keep Backup Daily plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the backup title alias (`val` parameter) in the `update_kbd_bkup_alias` AJAX action in all versions up to, …
Remote | Cross-Site Scripting

6.1 MEDIUM | CVE-2026-3572 — iTracker360 <= 2.2.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting via 'itr… | Mar 21, 2026
The iTracker360 plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to Stored Cross-Site Scripting in all versions up to and including 2.2.0. This is due to missing nonce verific…
Remote | Cross-Site Request Forgery

5.3 MEDIUM | CVE-2026-3567 — RepairBuddy <= 4.1132 - Missing Authorization to Authenticated (Subscriber+) Plugin Setti… | Mar 21, 2026
The RepairBuddy – Repair Shop CRM & Booking Plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 4.1132. The plugin exposes two AJAX handlers that, when com…
Remote | Authorization

6.4 MEDIUM | CVE-2026-3516 — Contact List <= 3.0.18 - Authenticated (Contributor+) Stored Cross-Site Scripting via '_c… | Mar 21, 2026
The Contact List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the '_cl_map_iframe' parameter in all versions up to, and including, 3.0.18. This is due to insufficient input s…
Remote | Cross-Site Scripting

4.9 MEDIUM | CVE-2026-3474 — EmailKit <= 1.6.3 - Authenticated (Administrator+) Path Traversal via 'emailkit-editor-te… | Mar 21, 2026
The EmailKit – Email Customizer for WooCommerce & WP plugin for WordPress is vulnerable to arbitrary file read via path traversal in all versions up to, and including, 1.6.3. This is due to the actio…
Remote | Path Traversal

7.2 HIGH | CVE-2026-3368 — Injection Guard <= 1.2.9 - Unauthenticated Stored Cross-Site Scripting via Query Paramete… | Mar 21, 2026
The Injection Guard plugin for WordPress is vulnerable to Stored Cross-Site Scripting via malicious query parameter names in all versions up to and including 1.2.9. This is due to insufficient input …
Remote | Cross-Site Scripting

6.4 MEDIUM | CVE-2026-3350 — Image Alt Text Manager <= 1.8.2 - Authenticated (Author+) Stored Cross-Site Scripting via… | Mar 21, 2026
The Image Alt Text Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post title in all versions up to, and including, 1.8.2. This is due to insufficient input sanitiza…
Remote | Cross-Site Scripting

2.7 LOW | CVE-2026-3339 — Keep Backup Daily <= 2.1.1 - Authenticated (Admin+) Limited Path Traversal via 'kbd_path'… | Mar 21, 2026
The Keep Backup Daily plugin for WordPress is vulnerable to Limited Path Traversal in all versions up to, and including, 2.1.1 via the `kbd_open_upload_dir` AJAX action. This is due to insufficient v…
Remote | Path Traversal

4.9 MEDIUM | CVE-2026-33428 — Discourse Allows Unauthorized Access to Deleted Posts Index via Group Membership | Mar 21, 2026
Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, a non-staff user with elevated group membership could access deleted posts belonging to a…
Remote | Authorization

2.7 LOW | CVE-2026-33427 — Discourse Authorization Page Displays Unvalidated Redirect Domain | Mar 21, 2026
Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, an unauthenticated attacker can cause a legitimate Discourse authorization page to displa…
Remote | Authorization

3.5 LOW | CVE-2026-33426 — Discourse users can edit or synonymize hidden tags they can't see | Mar 21, 2026
Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, users with tag-editing permissions could edit and create synonyms for tags hidden in rest…
Remote | Authorization

6.9 MEDIUM | CVE-2026-33425 — Discourse has inferable private group membership or existence via exclude_groups parameter | Mar 21, 2026
Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, unauthenticated users can determine whether a specific user is a member of a private grou…
Remote | Information Disclosure

5.9 MEDIUM | CVE-2026-33424 — PM access granted through invites after access revocation | Mar 21, 2026
Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, an attacker can grant access to a private message topic through invites even after they l…
Authorization

4.3 MEDIUM | CVE-2026-33238 — AVideo has a Path Traversal in listFiles.json.php that Enables Server Filesystem Enumerat… | Mar 21, 2026
WWBN AVideo is an open source video platform. Prior to version 26.0, the `listFiles.json.php` endpoint accepts a `path` POST parameter and passes it directly to `glob()` without restricting the path …
Remote | Path Traversal
Showing 20 of 5727 Results