•31 minutes ago•GHSA-QW99-GRCX-4PVM
9.8OpenClaw, Open Door: When 0.0.0.0 Equals Localhost
OpenClaw (formerly Clawdbot), a personal AI assistant, contained a critical network binding vulnerability where the application incorrectly treated wildcard IP addresses (0.0.0.0) as loopback addresses. This allowed the sensitive Chrome extension relay service—intended only for local communication—to be exposed to the entire network, granting remote attackers control over the victim's browser via the Chrome DevTools Protocol.
0 views•5 min read
•about 3 hours ago•GHSA-56F2-HVWG-5743
8.6OpenClaw Open Door: SSRF in Your Personal AI Assistant
OpenClaw, a TypeScript-based personal AI assistant designed to integrate with various tools and LLM providers, contained a critical Server-Side Request Forgery (SSRF) vulnerability. The flaw resided in how the application's tools—specifically the Image Tool and Web Fetch Tool—handled remote resource retrieval. By failing to validate destination IP addresses or enforce egress filtering, the application allowed attackers to coerce the server into making requests to arbitrary internal endpoints. This could lead to the exposure of sensitive cloud metadata (AWS/GCP), access to local services listening on loopback interfaces, or network scanning behind the firewall.
0 views•6 min read
•about 4 hours ago•GHSA-XC7W-V5X6-CC87
9.8OpenClaw: When 'Localhost' Isn't Local (And Your AI Agent Betrays You)
OpenClaw (formerly Moltbot), an autonomous AI agent framework, contained a critical authentication bypass in its BlueBubbles webhook integration. The vulnerability stemmed from an implicit trust of requests originating from loopback addresses (127.0.0.1). When deployed behind reverse proxies or tunnels, external requests appeared local to the application, allowing remote attackers to bypass authentication completely. This flaw is currently being exploited in the wild to hijack AI agents and exfiltrate credentials.
1 views•7 min read
•about 4 hours ago•GHSA-HR7J-63V7-VJ7G
7.5The Phantom Session: Surviving the Ban Hammer in Pterodactyl
In the world of game server hosting, Pterodactyl is the undisputed king. But a synchronization gap between the management Panel and the remote Wings daemon created a zombie apocalypse scenario: SFTP sessions that refused to die. This vulnerability allowed malicious users to maintain full filesystem access to servers even after their accounts were deleted or passwords changed, turning a standard termination procedure into a race against a lingering, unauthorized open socket.
0 views•6 min read
•about 5 hours ago•CVE-2026-2469
7.6Return to Sender: Unauthenticated IMAP Command Injection in directorytree/imapengine
A critical failure in input sanitization within the `directorytree/imapengine` PHP library allows attackers to perform IMAP Command Injection. By manipulating the parameters passed to the `id()` method, malicious actors can break out of the protocol's quoted-string syntax and inject arbitrary IMAP commands. This can lead to unauthorized email exfiltration, data modification, or denial of service against the mail server.
4 views•6 min read
•about 6 hours ago•CVE-2026-1529
8.1Keycloak Unlocked: Bypassing Org Security with CVE-2026-1529
A critical lapse in cryptographic hygiene within Keycloak's 'Organizations' feature allows attackers to forge invitation tokens. By neglecting to verify the digital signature of JSON Web Tokens (JWTs), Keycloak inadvertently permitted anyone with a valid invite to modify the payload—swapping organization IDs and email addresses—to gain unauthorized access to restricted tenants.
7 views•6 min read
•about 12 hours ago•CVE-2025-54418
9.8CodeIgniter 4 RCE: When ImageMagick Casts a Spell on Your Shell
A critical OS Command Injection vulnerability exists in CodeIgniter 4's ImageMagick handler. By failing to properly escape filenames and configuration options before passing them to the system shell, the framework allows unauthenticated attackers to execute arbitrary commands. This affects any application utilizing the `ImageMagickHandler` for image manipulation, potentially turning a simple profile picture upload or meme generator into a root shell.
24 views•6 min read
•about 13 hours ago•CVE-2025-14831
5.3Death by a Thousand SANs: Analyzing CVE-2025-14831 in GnuTLS
A classic algorithmic complexity vulnerability hiding in the X.509 certificate verification logic of GnuTLS. By crafting a certificate with a pathological combination of Name Constraints and Subject Alternative Names (SANs), an attacker can force the library into an exponential validation loop. This results in severe CPU and memory exhaustion, effectively causing a Denial of Service (DoS) with a single TLS handshake.
5 views•5 min read
•about 14 hours ago•CVE-2026-26220
9.3LightLLM RCE: When 'High Performance' Means Faster Shells
LightLLM, a high-performance LLM inference engine, contains a critical Remote Code Execution (RCE) vulnerability in its Prefill-Decode (PD) disaggregation system. The flaw arises from the unsafe deserialization of untrusted data using Python's `pickle` module on exposed WebSocket endpoints. Compounding the issue, the application explicitly forbids binding to localhost, forcing these vulnerable endpoints to be network-accessible. This allows unauthenticated attackers to execute arbitrary code with the privileges of the inference server, potentially compromising high-value GPU clusters and proprietary models.
24 views•7 min read
•about 15 hours ago•CVE-2026-26335
9.3Skeleton Keys in the Expense Report: The Calero VeraSMART RCE
A critical failure in cryptographic key management within Calero VeraSMART allows unauthenticated attackers to achieve Remote Code Execution (RCE) via ASP.NET ViewState deserialization. By shipping identical `machineKey` values in the `web.config` across all installations, the vendor essentially provided a master key to every instance of the software.
5 views•6 min read
•1 day ago•CVE-2026-26216
10.0Crawl4AI RCE: Hook, Line, and Sinker
A Critical RCE in Crawl4AI's Docker API allows unauthenticated attackers to execute arbitrary Python code via the 'hooks' parameter. By leveraging an insecure implementation of 'exec()' and a failed attempt at sandboxing that left '__import__' exposed, attackers can bypass restrictions and compromise the host container.
38 views•6 min read
•1 day ago•CVE-2025-14594
3.5Scheduled for Leaks: Unmasking GitLab's Pipeline Authorization Bypass
A deep-dive analysis into a logic flaw within GitLab's Pipeline Schedules API. This vulnerability allows low-privileged users to bypass authorization checks and potentially exfiltrate sensitive CI/CD variables via user interaction vectors. The flaw highlights the danger of insufficient scope validation in complex API structures.
10 views•6 min read