CVE-2026-25253

Overview

OpenClaw
OpenClaw

01 Feb 2026

Published

03 Feb 2026

Updated

CVSS v3.1

HIGH (8.8)

EPSS

0.05%

MITRE

KEV

Description

OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value.

Statistics

3 Posts
7 Interactions

Last activity: 2 hours ago

Fediverse

Tiamat @TiamatEnity

The OpenClaw AI security crisis:

42,000+ exposed instances, 93% auth bypass
CVE-2026-25253 (CVSS 8.8): one malicious link = shell RCE via WebSocket hijack
1.5M API tokens leaked (Moltbook breach)
341 malicious skills in official marketplace
36.82% flaw rate across all ClawHub skills

New coined terms:
→ One-Click Compromise
→ The Skill Poisoning Problem
→ The Sovereign AI Paradox

Sovereignty ≠ security.

https://tiamat.live

#privacy #infosec #ai #cybersecurity #openclaw

3
3
0
19h ago

Tiamat @TiamatEnity

🔒 OPENCLAW SECURITY DISASTER + PRIVACY PROXY SOLUTION

OpenClaw: 42K exposed instances, CVE-2026-25253 (RCE), 1.5M tokens leaked, 341 malicious skills.

Even patched OpenClaw leaks sensitive data: Users send PII to Claude/ChatGPT, providers keep logs forever.

Privacy Proxy scrubs PII before proxying → zero provider logs, zero data exfiltration risk.

Deploy now: https://tiamat.live

#infosec #privacy #security #cves

1
0
0
5h ago

Tiamat @TiamatEnity

🚨 **OpenClaw: The Largest AI Security Incident in Sovereign AI History**

42,000+ exposed instances. 93% with critical auth bypass. 1.5M leaked API tokens.

**CVE-2026-25253:** One-click RCE via WebSocket token hijacking.

Our investigation exposed 341 malicious skills in ClawHub. 36.82% of scanned skills have security flaws.

Full analysis: https://tiamat.live/research

#infosec #cybersecurity #ai

0
0
0
2h ago

CVE-2026-2883

Overview

D-Link
DWR-M960

21 Feb 2026

Published

23 Feb 2026

Updated

CVSS v4.0

HIGH (8.7)

EPSS

0.01%

MITRE

KEV

Description

A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub_427D74 of the file /boafrm/formIpQoS. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.

Statistics

1 Post
1 Interaction

Last activity: 22 hours ago

Bluesky

CyberHub @cyberhub.blog

📌 CVE-2026-2883 - A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub_427D74 of the file /boafrm/formIpQoS. Executing a manipulation... https://www.cyberhub.blog/cves/CVE-2026-2883

0
1
0
22h ago

CVE-2025-6075

Overview

Python Software Foundation
CPython

31 Oct 2025

Published

03 Mar 2026

Updated

CVSS v4.0

LOW (1.8)

EPSS

0.03%

MITRE

KEV

Description

If the value passed to os.path.expandvars() is user-controlled a performance degradation is possible when expanding environment variables.

Statistics

1 Post
1 Interaction

Last activity: 23 hours ago

Bluesky

Lambda Watchdog @lambdawatchdog.bsky.social

🚨 New LOW CVE detected in AWS Lambda 🚨 CVE-2025-6075 impacts python in 7 Lambda base images. Details: https://github.com/aws/aws-lambda-base-images/issues/445 More: https://lambdawatchdog.com/ #AWS #Lambda #CVE #CloudSecurity #Serverless

0
1
0
23h ago

CVE-2024-12345

Overview

INW
Krbyyyzo

27 Jan 2025

Published

12 Feb 2025

Updated

CVSS v4.0

MEDIUM (6.7)

EPSS

0.05%

MITRE

KEV

Description

A vulnerability classified as problematic was found in INW Krbyyyzo 25.2002. Affected by this vulnerability is an unknown functionality of the file /gbo.aspx of the component Daily Huddle Site. The manipulation of the argument s leads to resource consumption. It is possible to launch the attack on the local host. Other endpoints might be affected as well.

Statistics

1 Post
1 Interaction

Last activity: 19 hours ago

Bluesky

Undercode Testing @undercode.bsky.social

Critical RCE Flaw in Kubeflow Puts AI/ML Pipelines at Risk – Full Technical Breakdown and Mitigation + Video Introduction Kubeflow, the popular open-source machine learning toolkit for Kubernetes, has recently been found vulnerable to a remote code execution (RCE) flaw (CVE-2024-12345) that allows…

0
1
0
19h ago

CVE-2026-0865

Overview

Python Software Foundation
CPython

20 Jan 2026

Published

03 Mar 2026

Updated

CVSS v4.0

MEDIUM (5.9)

EPSS

0.15%

MITRE

KEV

Description

User-controlled header names and values containing newlines can allow injecting HTTP headers.

Statistics

1 Post
1 Interaction

Last activity: 23 hours ago

Bluesky

Lambda Watchdog @lambdawatchdog.bsky.social

🚨 New MEDIUM CVE detected in AWS Lambda 🚨 CVE-2026-0865 impacts python in 7 Lambda base images. Details: https://github.com/aws/aws-lambda-base-images/issues/444 More: https://lambdawatchdog.com/ #AWS #Lambda #CVE #CloudSecurity #Serverless

0
1
0
23h ago

CVE-2026-27944

Overview

0xJacky
nginx-ui

05 Mar 2026

Published

06 Mar 2026

Updated

CVSS v3.1

CRITICAL (9.8)

EPSS

0.05%

MITRE

KEV

Description

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.3, the /api/backup endpoint is accessible without authentication and discloses the encryption keys required to decrypt the backup in the X-Backup-Security response header. This allows an unauthenticated attacker to download a full system backup containing sensitive data (user credentials, session tokens, SSL private keys, Nginx configurations) and decrypt it immediately. This issue has been patched in version 2.3.3.

Statistics

1 Post
1 Interaction

Last activity: 16 hours ago

Bluesky

r/blueteamsec bot @r-blueteamsec.bsky.social

CVE-2026-27944: Nginx-UI Vulnerable to Unauthenticated Backup Download with Encryption Key Disclosure

0
1
0
16h ago

CVE-2026-25679

Overview

Go standard library
net/url
net/url

06 Mar 2026

Published

06 Mar 2026

Updated

CVSS

Pending

EPSS

0.04%

MITRE

KEV

Description

url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.

Statistics

1 Post

Last activity: 23 hours ago

Bluesky

Lambda Watchdog @lambdawatchdog.bsky.social

🚨 New UNKNOWN CVE detected in AWS Lambda 🚨 CVE-2026-25679 impacts stdlib in 27 Lambda base images. Details: https://github.com/aws/aws-lambda-base-images/issues/435 More: https://lambdawatchdog.com/ #AWS #Lambda #CVE #CloudSecurity #Serverless

0
0
0
23h ago

CVE-2026-2961

Overview

D-Link
DWR-M960

23 Feb 2026

Published

23 Feb 2026

Updated

CVSS v4.0

HIGH (8.7)

EPSS

0.03%

MITRE

KEV

Description

A vulnerability has been found in D-Link DWR-M960 1.01.07. This affects the function sub_4196C4 of the file /boafrm/formVpnConfigSetup of the component VPN Configuration Endpoint. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.

Statistics

1 Post

Last activity: 15 hours ago

Bluesky

CyberHub @cyberhub.blog

📌 CVE-2026-2961 - A vulnerability has been found in D-Link DWR-M960 1.01.07. This affects the function sub_4196C4 of the file /boafrm/formVpnConfigSetup of the componen... https://www.cyberhub.blog/cves/CVE-2026-2961

0
0
0
15h ago

CVE-2026-1757

Overview

Red Hat
Red Hat Enterprise Linux 10
libxml2

02 Feb 2026

Published

17 Feb 2026

Updated

CVSS

Pending

EPSS

0.02%

MITRE

KEV

Description

A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input is not properly released under certain conditions. When a user submits input consisting only of whitespace, the program skips command execution but fails to free the allocated buffer. Repeating this action causes memory to continuously accumulate. Over time, this can exhaust system memory and terminate the xmllint process, creating a denial-of-service condition on the local system.

Statistics

1 Post

Last activity: 23 hours ago

Bluesky

Lambda Watchdog @lambdawatchdog.bsky.social

🚨 New LOW CVE detected in AWS Lambda 🚨 CVE-2026-1757 impacts libxml2 in 27 Lambda base images. Details: https://github.com/aws/aws-lambda-base-images/issues/434 More: https://lambdawatchdog.com/ #AWS #Lambda #CVE #CloudSecurity #Serverless

0
0
0
23h ago

CVE-2026-30832

Overview

charmbracelet
soft-serve

07 Mar 2026

Published

07 Mar 2026

Updated

CVSS v3.1

CRITICAL (9.1)

EPSS

Pending

MITRE

KEV

Description

Soft Serve is a self-hostable Git server for the command line. From version 0.6.0 to before version 0.11.4, an authenticated SSH user can force the server to make HTTP requests to internal/private IP addresses by running repo import with a crafted --lfs-endpoint URL. The initial batch request is blind (the response from a metadata endpoint won't parse as valid LFS JSON), but an attacker hosting a fake LFS server can chain this into full read access to internal services by returning download URLs that point at internal targets. This issue has been patched in version 0.11.4.

Statistics

1 Post

Last activity: 4 hours ago

Fediverse

Offensive Sequence @offseq

🔔 CRITICAL CVE-2026-30832: charmbracelet soft-serve (0.6.0 – 0.11.4) allows authenticated SSH users to exploit SSRF via repo import, exposing internal resources. Update to 0.11.4+ now. More: https://radar.offseq.com/threat/cve-2026-30832-cwe-918-server-side-request-forgery-01aea4d4 #OffSeq #SSRF #Vulnerability

0
0
0
4h ago