CVE ID : CVE-2026-28710 Published : March 6, 2026, 12:16 a.m. | 1 hour, 28 minutes ago Description : Sensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis…
CVE-2026-22552 – ePower epower.ie Missing Authentication for Critical Function
CVE ID : CVE-2026-22552 Published : March 6, 2026, 12:16 a.m. | 1 hour, 28 minutes ago Description : WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate…
CVE-2026-26125 – Payment Orchestrator Service Elevation of Privilege Vulnerability
CVE ID : CVE-2026-26125 Published : March 5, 2026, 11:16 p.m. | 28 minutes ago Description : Payment Orchestrator Service Elevation of Privilege Vulnerability Severity: 8.6 | HIGH Visit the link for more…
CVE-2026-21536 – Microsoft Devices Pricing Program Remote Code Execution Vulnerability
CVE ID : CVE-2026-21536 Published : March 5, 2026, 11:16 p.m. | 28 minutes ago Description : Microsoft Devices Pricing Program Remote Code Execution Vulnerability Severity: 9.8 | CRITICAL Visit the link for…
CVE-2026-29606 – OpenClaw < 2026.2.14 – Webhook Signature Verification Bypass via ngrok Loopback Compatibility
CVE ID : CVE-2026-29606 Published : March 5, 2026, 10:16 p.m. | 1 hour, 28 minutes ago Description : OpenClaw versions prior to 2026.2.14 contain a webhook signature-verification bypass in the voice-call extension that…
CVE-2026-28485 – OpenClaw 2026.1.5 < 2026.2.12 – Missing Authentication in Browser Control HTTP Endpoints
CVE ID : CVE-2026-28485 Published : March 5, 2026, 10:16 p.m. | 1 hour, 28 minutes ago Description : OpenClaw versions 2026.1.5 prior to 2026.2.12 fail to enforce mandatory authentication on the /agent/act browser-control…
CVE-2026-28484 – OpenClaw 2026.2.15 – Option Injection in pre-commit Hook via Malicious Filenames
CVE ID : CVE-2026-28484 Published : March 5, 2026, 10:16 p.m. | 1 hour, 28 minutes ago Description : OpenClaw versions prior to 2026.2.15 contain an option injection vulnerability in the git-hooks/pre-commit hook that…
CVE-2026-29123 – Multiple SUID Root Binaries in `xd` User Home Directory Leading to Potential Local Privilege Escalation
CVE ID : CVE-2026-29123 Published : March 5, 2026, 1:18 a.m. | 25 minutes ago Description : A SUID root-owned binary in /home/xd/terminal/XDTerminal in International Data Casting (IDC) SFX2100 on Linux allows a local…
CVE-2026-29121 – `/sbin/ip` Binary given SETUID Permissions on IDC SFX2100 Leading to Potential LPE
CVE ID : CVE-2026-29121 Published : March 5, 2026, 1:15 a.m. | 28 minutes ago Description : International Data Casting (IDC) SFX2100 satellite receiver comes with the `/sbin/ip` utility installed with the setuid bit…
CVE-2026-29122 – `/bin/date` Binary given SETUID Permissions on IDC SFX2100 Leading to Potential LPE
CVE ID : CVE-2026-29122 Published : March 5, 2026, 12:53 a.m. | 51 minutes ago Description : International Data Casting (IDC) SFX2100 satellite receiver comes with the `/bin/date` utility installed with the setuid bit…