Overview

  • openclaw
  • openclaw

19 Feb 2026
Published
20 Feb 2026
Updated

CVSS v3.1
HIGH (7.5)
EPSS
0.06%

KEV

Description

OpenClaw is a personal AI assistant. Prior to OpenClaw version 2026.2.14, the Feishu extension allowed `sendMediaFeishu` to treat attacker-controlled `mediaUrl` values as local filesystem paths and read them directly. If an attacker can influence tool calls (directly or via prompt injection), they may be able to exfiltrate local files by supplying paths such as `/etc/passwd` as `mediaUrl`. Upgrade to OpenClaw `2026.2.14` or newer to receive a fix. The fix removes direct local file reads from this path and routes media loading through hardened helpers that enforce local-root restrictions.

Statistics

  • 1 Post

Last activity: 21 hours ago

Bluesky

📌 CVE-2026-26321 - OpenClaw is a personal AI assistant. Prior to OpenClaw version 2026.2.14, the Feishu extension previously allowed `sendMediaFeishu` to treat attacker-... https://www.cyberhub.blog/cves/CVE-2026-26321

Overview

  • sebhildebrandt
  • systeminformation

19 Feb 2026
Published
19 Feb 2026
Updated

CVSS v3.1
HIGH (8.8)
EPSS
0.04%

KEV

Description

systeminformation is a System and OS information library for node.js. Versions prior to 5.31.0 are vulnerable to command injection via unsanitized `locate` output in `versions()`. Version 5.31.0 fixes the issue.

Statistics

  • 1 Post

Last activity: 20 hours ago

Bluesky

📌 CVE-2026-26318 - systeminformation is a System and OS information library for node.js. Versions prior to 5.31.0 are vulnerable to command injection via unsanitized `lo... https://www.cyberhub.blog/cves/CVE-2026-26318

Overview

  • penpot
  • penpot

19 Feb 2026
Published
19 Feb 2026
Updated

CVSS v3.1
HIGH (7.5)
EPSS
0.05%

KEV

Description

Penpot is an open-source design tool for design and code collaboration. Prior to version 2.13.2, an authenticated user can read arbitrary files from the server by supplying a local file path (e.g. `/etc/passwd`) as a font data chunk in the `create-font-variant` RPC endpoint, resulting in the file contents being stored and retrievable as a "font" asset. This is an arbitrary file read vulnerability. Any authenticated user with team edit permissions can read arbitrary files accessible to the Penpot backend process on the host filesystem. This can lead to exposure of sensitive system files, application secrets, database credentials, and private keys, potentially enabling further compromise of the server. In containerized deployments, the blast radius may be limited to the container filesystem, but environment variables, mounted secrets, and application configuration are still at risk. Version 2.13.2 contains a patch for the issue.

Statistics

  • 1 Post

Last activity: 19 hours ago

Bluesky

📌 CVE-2026-26202 - Penpot is an open-source design tool for design and code collaboration. Prior to version 2.13.2, an authenticated user can read arbitrary files from t... https://www.cyberhub.blog/cves/CVE-2026-26202

Overview

  • isaacs
  • node-tar

20 Feb 2026
Published
20 Feb 2026
Updated

CVSS v3.1
HIGH (7.1)
EPSS
0.01%

KEV

Description

node-tar is a full-featured Tar for Node.js. When using default options in versions 7.5.7 and below, an attacker-controlled archive can create a hardlink inside the extraction directory that points to a file outside the extraction root, enabling arbitrary file read and write as the extracting user. Severity is high because the primitive bypasses path protections and turns archive extraction into a direct filesystem access primitive. This issue has been fixed in version 7.5.8.

Statistics

  • 1 Post

Last activity: 18 hours ago

Bluesky

📌 CVE-2026-26960 - node-tar is a full-featured Tar for Node.js. When using default options in versions 7.5.7 and below, an attacker-controlled archive can create a hardl... https://www.cyberhub.blog/cves/CVE-2026-26960

Overview

  • stellar
  • rs-soroban-sdk

19 Feb 2026
Published
19 Feb 2026
Updated

CVSS v3.1
HIGH (7.5)
EPSS
0.03%

KEV

Description

soroban-sdk is a Rust SDK for Soroban contracts. Prior to versions 22.0.10, 23.5.2, and 25.1.1, the `#[contractimpl]` macro contains a bug in how it wires up function calls. `#[contractimpl]` generates code that uses `MyContract::value()` style calls even when it is processing the trait version. If an inherent function is also defined with the same name, the inherent function gets called instead of the trait function. As a result, the Wasm-exported entry point silently calls the wrong function when two conditions are met simultaneously: First, an `impl Trait for MyContract` block is defined with one or more functions, with `#[contractimpl]` applied. Second, an `impl MyContract` block is defined with one or more identically named functions, without `#[contractimpl]` applied. If the trait version contains important security checks, such as verifying the caller is authorized, that the inherent version does not, those checks are bypassed. Anyone interacting with the contract through its public interface will call the wrong function. The problem is patched in `soroban-sdk-macros` versions 22.0.10, 23.5.2, and 25.1.1. The fix changes the generated call from `<Type>::func()` to `<Type as Trait>::func()` when processing trait implementations, ensuring Rust resolves to the trait associated function regardless of whether an inherent function with the same name exists. Users should upgrade to `soroban-sdk-macros` 22.0.10, 23.5.2, or 25.1.1 and recompile their contracts. If upgrading is not immediately possible, contract developers can avoid the issue by ensuring that no inherent associated function on the contract type shares a name with any function in the trait implementation. Renaming or removing the conflicting inherent function eliminates the ambiguity and causes the macro-generated code to correctly resolve to the trait function.

Statistics

  • 1 Post

Last activity: 19 hours ago

Bluesky

📌 CVE-2026-26267 - soroban-sdk is a Rust SDK for Soroban contracts. Prior to versions 22.0.10, 23.5.2, and 25.1.1, the `#[contractimpl]` macro contains a bug in how it w... https://www.cyberhub.blog/cves/CVE-2026-26267

Overview

  • Grandstream
  • GXP1610

18 Feb 2026
Published
18 Feb 2026
Updated

CVSS v4.0
CRITICAL (9.3)
EPSS
0.14%

KEV

Description

An unauthenticated stack-based buffer overflow vulnerability exists in the HTTP API endpoint /cgi-bin/api.values.get. A remote attacker can leverage this vulnerability to achieve unauthenticated remote code execution (RCE) with root privileges on a target device. The vulnerability affects all six device models in the series: GXP1610, GXP1615, GXP1620, GXP1625, GXP1628, and GXP1630.

Statistics

  • 1 Post

Last activity: 5 hours ago

Bluesky

A stack-based buffer overflow (CVE-2026-2329) in Grandstream GXP1600 phones enables unauthenticated remote root code execution, allowing call interception and credential extraction.

Overview

  • Sitzungsdienst
  • SD.NET RIM

18 Feb 2026
Published
19 Feb 2026
Updated

CVSS v4.0
HIGH (8.8)
EPSS
0.02%

KEV

Description

SD.NET RIM versions before 4.7.3c contain a SQL injection vulnerability that allows attackers to inject malicious SQL statements through POST parameters 'idtyp' and 'idgremium'. Attackers can exploit this vulnerability by crafting specially formed POST requests to the /vorlagen/ endpoint, enabling unauthorized database manipulation and potential information disclosure.

Statistics

  • 1 Post

Last activity: 4 hours ago

Bluesky

📌 CVE-2019-25359 - SD.NET RIM versions before 4.7.3c contain a SQL injection vulnerability that allows attackers to inject malicious SQL statements through POST paramete... https://www.cyberhub.blog/cves/CVE-2019-25359

Overview

  • timstrifler
  • Exclusive Addons for Elementor

13 Mar 2024
Published
01 Aug 2024
Updated

CVSS v3.1
MEDIUM (6.4)
EPSS
7.68%

KEV

Description

The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via data attribute in all versions up to, and including, 2.6.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access or higher, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Statistics

  • 1 Post

Last activity: 17 hours ago

Bluesky

New React2Shell Exploit Scanner in the Wild: Hackers Weaponize Tool to Target Critical Networks + Video Introduction: A new wave of cyberattacks is leveraging a sophisticated scanning toolkit designed specifically to identify and exploit the React2Shell vulnerability (CVE-2024-1234). This…

Overview

  • HDFGroup
  • hdf5

19 Feb 2026
Published
19 Feb 2026
Updated

CVSS v3.1
HIGH (7.8)
EPSS
0.03%

KEV

Description

HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who can control an `h5` file parsed by HDF5 can trigger a write-based heap buffer overflow condition. This can lead to a denial-of-service condition, and potentially further issues such as remote code execution depending on the practical exploitability of the heap overflow against modern operating systems. Real-world exploitability of this issue in terms of remote-code execution is currently unknown. Version 1.14.4-2 fixes the issue.

Statistics

  • 1 Post

Last activity: 20 hours ago

Bluesky

📌 CVE-2026-26200 - HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who can control an `h5` file parsed by HDF5 can trigger a write-based heap ... https://www.cyberhub.blog/cves/CVE-2026-26200

Overview

  • Apache Software Foundation
  • Apache Arrow

17 Feb 2026
Published
20 Feb 2026
Updated

CVSS
Pending
EPSS
0.04%

KEV

Description

Use After Free vulnerability in Apache Arrow C++. This issue affects Apache Arrow C++ from 15.0.0 through 23.0.0. It can be triggered when reading an Arrow IPC file (but not an IPC stream) with pre-buffering enabled, if the IPC file contains data with variadic buffers (such as Binary View and String View data). Depending on the number of variadic buffers in a record batch column and on the temporal sequence of multi-threaded IO, a write to a dangling pointer could occur. The value (a `std::shared_ptr<Buffer>` object) that is written to the dangling pointer is not under direct control of the attacker.

Pre-buffering is disabled by default but can be enabled using a specific C++ API call (`RecordBatchFileReader::PreBufferMetadata`). The functionality is not exposed in language bindings (Python, Ruby, C GLib), so these bindings are not vulnerable.

The most likely consequence of this issue would be random crashes or memory corruption when reading specific kinds of IPC files. If the application allows ingesting IPC files from untrusted sources, this could plausibly be exploited for denial of service. Inducing more targeted kinds of misbehavior (such as confidential data extraction from the running process) depends on memory allocation and multi-threaded IO temporal patterns that are unlikely to be easily controlled by an attacker.

Advice for users of Arrow C++:

  • Check whether you enable pre-buffering on the IPC file reader (using `RecordBatchFileReader::PreBufferMetadata`).
  • If so, either disable pre-buffering (which may have adverse performance consequences), or switch to Arrow 23.0.1, which is not vulnerable.

Statistics

  • 1 Post

Last activity: 7 hours ago

Bluesky

CVE-2026-25087 Exposed: How a Single Malicious File Can Crash Your Apache Arrow Applications + Video Introduction: In the high-stakes world of data engineering and cybersecurity, the trust placed in data serialization formats is absolute. Apache Arrow, a cornerstone for high-performance data…