Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-06-23T06:44:02.242137+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/ab704992-c149-4b15-82ce-809f332c3679/export ab704992-c149-4b15-82ce-809f332c3679 2026-06-23T06:44:02.269263+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "ab704992-c149-4b15-82ce-809f332c3679", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45000", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mllxipqunm2i", "content": "CVE-2026-45000 - OpenClaw\nCVE ID : CVE-2026-45000\n \n Published : May 11, 2026, 6:16 p.m. | 14\u00a0minutes ago\n \n Description : OpenClaw before 2026.4.20 contains a server-side request forgery vulnerability in browser CDP profile creation that skips strict-mode SSRF policy checks. ...", "creation_timestamp": "2026-05-11T19:00:49.354245Z"} 2026-05-11T19:00:49.354245+00:00 https://vulnerability.circl.lu/sighting/d690cbb1-ea84-482e-8dfd-4d8d32d89416/export d690cbb1-ea84-482e-8dfd-4d8d32d89416 2026-06-23T06:44:02.269184+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "d690cbb1-ea84-482e-8dfd-4d8d32d89416", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45000", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mllxipqunm2i", "content": "CVE-2026-45000 - OpenClaw\nCVE ID : CVE-2026-45000\n \n Published : May 11, 2026, 6:16 p.m. | 14\u00a0minutes ago\n \n Description : OpenClaw before 2026.4.20 contains a server-side request forgery vulnerability in browser CDP profile creation that skips strict-mode SSRF policy checks. ...", "creation_timestamp": "2026-05-11T19:00:49.356680Z"} 2026-05-11T19:00:49.356680+00:00 https://vulnerability.circl.lu/sighting/cc6ae80c-a8fd-4f4c-b60e-ad853f62edde/export cc6ae80c-a8fd-4f4c-b60e-ad853f62edde 2026-06-23T06:44:02.269106+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "cc6ae80c-a8fd-4f4c-b60e-ad853f62edde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45003", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mllxo3pxue2r", "content": "CVE-2026-45003 - OpenClaw\nCVE ID : CVE-2026-45003\n \n Published : May 11, 2026, 6:16 p.m. | 14\u00a0minutes ago\n \n Description : OpenClaw before 2026.4.22 allows workspace dotenv files to override connector endpoint hosts for Matrix, Mattermost, IRC, and Synology connectors. Attacke...", "creation_timestamp": "2026-05-11T19:03:49.837918Z"} 2026-05-11T19:03:49.837918+00:00 https://vulnerability.circl.lu/sighting/51b39a9d-689b-4668-983d-7c39d4d66e69/export 51b39a9d-689b-4668-983d-7c39d4d66e69 2026-06-23T06:44:02.269028+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "51b39a9d-689b-4668-983d-7c39d4d66e69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45003", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mllxo3pxue2r", "content": "CVE-2026-45003 - OpenClaw\nCVE ID : CVE-2026-45003\n \n Published : May 11, 2026, 6:16 p.m. | 14\u00a0minutes ago\n \n Description : OpenClaw before 2026.4.22 allows workspace dotenv files to override connector endpoint hosts for Matrix, Mattermost, IRC, and Synology connectors. Attacke...", "creation_timestamp": "2026-05-11T19:03:49.840360Z"} 2026-05-11T19:03:49.840360+00:00 https://vulnerability.circl.lu/sighting/0b8c4dfb-6554-4731-bb77-e503b4e23f1e/export 0b8c4dfb-6554-4731-bb77-e503b4e23f1e 2026-06-23T06:44:02.268938+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "0b8c4dfb-6554-4731-bb77-e503b4e23f1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45004", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlly2rocca2q", "content": "CVE-2026-45004 - OpenClaw\nCVE ID : CVE-2026-45004\n \n Published : May 11, 2026, 6:16 p.m. | 14\u00a0minutes ago\n \n Description : OpenClaw before 2026.4.23 contains an arbitrary code execution vulnerability in the bundled plugin setup resolver that loads setup-api.js from process.cwd...", "creation_timestamp": "2026-05-11T19:10:55.478894Z"} 2026-05-11T19:10:55.478894+00:00 https://vulnerability.circl.lu/sighting/2032bbd4-416c-4c8e-bf90-4a8c006c204a/export 2032bbd4-416c-4c8e-bf90-4a8c006c204a 2026-06-23T06:44:02.268852+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "2032bbd4-416c-4c8e-bf90-4a8c006c204a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45004", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlly2rocca2q", "content": "CVE-2026-45004 - OpenClaw\nCVE ID : CVE-2026-45004\n \n Published : May 11, 2026, 6:16 p.m. | 14\u00a0minutes ago\n \n Description : OpenClaw before 2026.4.23 contains an arbitrary code execution vulnerability in the bundled plugin setup resolver that loads setup-api.js from process.cwd...", "creation_timestamp": "2026-05-11T19:10:55.482630Z"} 2026-05-11T19:10:55.482630+00:00 https://vulnerability.circl.lu/sighting/ce2ff165-999b-44f8-8ce1-d986568d2623/export ce2ff165-999b-44f8-8ce1-d986568d2623 2026-06-23T06:44:02.268775+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "ce2ff165-999b-44f8-8ce1-d986568d2623", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45005", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mllychagb52q", "content": "CVE-2026-45005 - OpenClaw\nCVE ID : CVE-2026-45005\n \n Published : May 11, 2026, 6:16 p.m. | 14\u00a0minutes ago\n \n Description : OpenClaw before 2026.4.23 caches resolved webhook route secrets backed by SecretRef values, allowing stale secrets to remain valid after rotation and relo...", "creation_timestamp": "2026-05-11T19:15:12.996272Z"} 2026-05-11T19:15:12.996272+00:00 https://vulnerability.circl.lu/sighting/a4234504-d7a7-44d5-afe3-12ff379a2382/export a4234504-d7a7-44d5-afe3-12ff379a2382 2026-06-23T06:44:02.268691+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "a4234504-d7a7-44d5-afe3-12ff379a2382", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45005", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mllychagb52q", "content": "CVE-2026-45005 - OpenClaw\nCVE ID : CVE-2026-45005\n \n Published : May 11, 2026, 6:16 p.m. | 14\u00a0minutes ago\n \n Description : OpenClaw before 2026.4.23 caches resolved webhook route secrets backed by SecretRef values, allowing stale secrets to remain valid after rotation and relo...", "creation_timestamp": "2026-05-11T19:15:12.997686Z"} 2026-05-11T19:15:12.997686+00:00 https://vulnerability.circl.lu/sighting/358101b1-61b4-4cba-a461-5a7f4f882118/export 358101b1-61b4-4cba-a461-5a7f4f882118 2026-06-23T06:44:02.268586+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "358101b1-61b4-4cba-a461-5a7f4f882118", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45006", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mllylfpivv2k", "content": "CVE-2026-45006 - OpenClaw\nCVE ID : CVE-2026-45006\n \n Published : May 11, 2026, 6:16 p.m. | 14\u00a0minutes ago\n \n Description : OpenClaw before 2026.4.23 contains an improper access control vulnerability in the gateway tool's config.apply and config.patch operations that allows com...", "creation_timestamp": "2026-05-11T19:20:13.302513Z"} 2026-05-11T19:20:13.302513+00:00 https://vulnerability.circl.lu/sighting/759db6b6-75db-4855-81b5-abf940b6234e/export 759db6b6-75db-4855-81b5-abf940b6234e 2026-06-23T06:44:02.266565+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "759db6b6-75db-4855-81b5-abf940b6234e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45006", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mllylfpivv2k", "content": "CVE-2026-45006 - OpenClaw\nCVE ID : CVE-2026-45006\n \n Published : May 11, 2026, 6:16 p.m. | 14\u00a0minutes ago\n \n Description : OpenClaw before 2026.4.23 contains an improper access control vulnerability in the gateway tool's config.apply and config.patch operations that allows com...", "creation_timestamp": "2026-05-11T19:20:13.305256Z"} 2026-05-11T19:20:13.305256+00:00