CVE ID :CVE-2026-53836 Published : June 12, 2026, 10:16 p.m. | 2 hours, 51 minutes ago Description :OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in PowerShell encoded-command handling that allows attackers to execute…
CVE-2026-53834 – OpenClaw < 2026.4.27 – Authorization Bypass in QQBot Pre-dispatch Slash Commands
CVE ID :CVE-2026-53834 Published : June 12, 2026, 10:16 p.m. | 2 hours, 51 minutes ago Description :OpenClaw before 2026.4.27 contains an authorization bypass vulnerability in QQBot pre-dispatch slash commands that allows authenticated senders…
CVE-2026-53831 – OpenClaw < 2026.5.18 – Arbitrary File Read via Shell Expansion in system.run Safe-bin Allowlist
CVE ID :CVE-2026-53831 Published : June 12, 2026, 10:16 p.m. | 2 hours, 51 minutes ago Description :OpenClaw before 2026.5.18 contains a policy enforcement vulnerability in system.run safe-bin allowlist validation that allows shell expansion…
CVE-2026-45418 – ClipBucket: Blind SQL Injection in subtitle_edit.php
CVE ID :CVE-2026-45418 Published : 2026年6月11日 23:16 | 1 小时,49 分钟 ago Description :ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 – #132, any authenticated user who can upload…
CVE-2026-45060 – ClipBucket: Blind SQL Injection in progress_video.php
CVE ID :CVE-2026-45060 Published : 2026年6月11日 23:16 | 1 小时,49 分钟 ago Description :ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 – #129, the actions/progress_video.php endpoint is vulnerable to…
CVE-2026-42846 – ClipBucket: Remote Play URL Command Injection
CVE ID :CVE-2026-42846 Published : 2026年6月11日 23:16 | 1 小时,49 分钟 ago Description :ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 – #140, ClipBucket’s Remote Play feature allows any…
CVE-2026-49060 – WordPress Hippoo Mobile App for WooCommerce plugin <= 1.9.4 – Privilege Escalation vulnerability
CVE ID :CVE-2026-49060 Published : 2026年6月11日 22:16 | 2 小时,49 分钟 ago Description :Incorrect Privilege Assignment vulnerability in Hippoo Mobile App for WooCommerce allows Privilege Escalation. This issue affects Hippoo Mobile App for WooCommerce:…
CVE-2026-45174 – Idira Endpoint Privilege Manager Linux Agent: Potential bypass of Agent Daemon Initialization
CVE ID :CVE-2026-45174 Published : 2026年6月11日 22:16 | 2 小时,49 分钟 ago Description :Idira Endpoint Privilege Manager Linux Agent versions prior to 26.5 allow a local attacker to potentially compromise the agent daemon initialization….
CVE-2026-46703 – BoxLite: Path Traversal Vulnerability in boxlite Leads to Arbitrary File Write on the Host
CVE ID :CVE-2026-46703 Published : June 10, 2026, 11:16 p.m. | 2 hours, 48 minutes ago Description :Boxlite is a sandbox service that allows users to create lightweight virtual machines (Boxes) and launch OCI…
CVE-2026-46695 – BoxLite: Permission Bypass in boxlite Allows Modification of Read-Only Files
CVE ID :CVE-2026-46695 Published : June 10, 2026, 11:16 p.m. | 2 hours, 48 minutes ago Description :Boxlite is a sandbox service that allows users to create lightweight virtual machines (Boxes) and launch OCI…