CVE ID :CVE-2026-41503 Published : April 24, 2026, 8:16 p.m. | 3 hours, 55 minutes ago Description :BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3,…
CVE-2026-41502 – BACnet Stack: Off-by-One Out-of-Bounds Read in ReadPropertyMultiple Object ID Decoder
CVE ID :CVE-2026-41502 Published : April 24, 2026, 8:16 p.m. | 3 hours, 55 minutes ago Description :BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3,…
CVE-2026-40630 – SenseLive X3050 Authentication bypass using an alternate path or channel
CVE ID :CVE-2026-40630 Published : April 23, 2026, 11:45 p.m. | 24 minutes ago Description :A vulnerability in SenseLive X3050’s web management interface allows unauthorized access to certain configuration endpoints due to improper…
CVE-2026-41353 – OpenClaw < 2026.3.22 – allowProfiles Bypass via Profile Mutation and Runtime Selection
CVE ID :CVE-2026-41353 Published : April 23, 2026, 10:16 p.m. | 1 hour, 53 minutes ago Description :OpenClaw before 2026.3.22 contains an access control bypass vulnerability in the allowProfiles feature that allows attackers to…
CVE-2026-41352 – OpenClaw < 2026.3.31 – Remote Code Execution via Node Scope Gate Bypass
CVE ID :CVE-2026-41352 Published : April 23, 2026, 10:16 p.m. | 1 hour, 53 minutes ago Description :OpenClaw before 2026.3.31 contains a remote code execution vulnerability where a device-paired node can bypass the node…
CVE-2026-41349 – OpenClaw < 2026.3.28 – Agentic Consent Bypass via config.patch
CVE ID :CVE-2026-41349 Published : April 23, 2026, 10:16 p.m. | 1 hour, 53 minutes ago Description :OpenClaw before 2026.3.28 contains an agentic consent bypass vulnerability allowing LLM agents to silently disable execution approval…
CVE-2026-41336 – OpenClaw < 2026.3.31 – Arbitrary Hook Code Execution via OPENCLAW_BUNDLED_HOOKS_DIR Environment Variable Override
CVE ID :CVE-2026-41336 Published : April 23, 2026, 10:16 p.m. | 1 hour, 53 minutes ago Description :OpenClaw before 2026.3.31 allows workspace .env files to override the OPENCLAW_BUNDLED_HOOKS_DIR environment variable, enabling loading of attacker-controlled…
CVE-2026-41179 – RClone: Unauthenticated operations/fsinfo allows attacker-controlled backend instantiation and local command execution
CVE ID :CVE-2026-41179 Published : April 23, 2026, 12:16 a.m. | 1 hour, 51 minutes ago Description :Rclone is a command-line program to sync files and directories to and from different cloud storage providers….
CVE-2026-41176 – Rclone: Unauthenticated options/set allows runtime auth bypass, leading to sensitive operations and command execution
CVE ID :CVE-2026-41176 Published : April 23, 2026, 12:16 a.m. | 1 hour, 51 minutes ago Description :Rclone is a command-line program to sync files and directories to and from different cloud storage providers….
CVE-2026-40062 – Ziostation2 Path Traversal Vulnerability
CVE ID :CVE-2026-40062 Published : April 23, 2026, 12:16 a.m. | 1 hour, 51 minutes ago Description :A path Traversal vulnerability exists in Ziostation2 v2.9.8.7 and earlier. A remote unauthenticated attacker may get sensitive…