<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the 10 most recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Wed, 24 Jun 2026 04:32:06 +0000</lastBuildDate>
    <item>
      <title>d3e2e939-fa2b-4d32-a734-05dcf99dd523</title>
      <link>https://vulnerability.circl.lu/sighting/d3e2e939-fa2b-4d32-a734-05dcf99dd523/export</link>
      <description>{"uuid": "d3e2e939-fa2b-4d32-a734-05dcf99dd523", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53849", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mogoznygie2a", "content": "\ud83d\udfe0 CVE-2026-53849 - High (8.1)\n\nOpenClaw before 2026.5.7 contains a privilege escalation vulnerability where the allowFrom featur...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-53849/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-16T21:01:31.451241Z"}</description>
      <content:encoded>{"uuid": "d3e2e939-fa2b-4d32-a734-05dcf99dd523", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53849", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mogoznygie2a", "content": "\ud83d\udfe0 CVE-2026-53849 - High (8.1)\n\nOpenClaw before 2026.5.7 contains a privilege escalation vulnerability where the allowFrom featur...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-53849/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-16T21:01:31.451241Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d3e2e939-fa2b-4d32-a734-05dcf99dd523/export</guid>
      <pubDate>Tue, 16 Jun 2026 21:01:31 +0000</pubDate>
    </item>
    <item>
      <title>66b04677-e9f1-4dfb-8a3c-9faf7673ae5e</title>
      <link>https://vulnerability.circl.lu/sighting/66b04677-e9f1-4dfb-8a3c-9faf7673ae5e/export</link>
      <description>{"uuid": "66b04677-e9f1-4dfb-8a3c-9faf7673ae5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53849", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mogqe2tzjc2x", "content": "CVE-2026-53849 - OpenClaw\nCVE ID : CVE-2026-53849\n \n Published : June 16, 2026, 7:17 p.m. | 1\u00a0hour, 51\u00a0minutes ago\n \n Description : OpenClaw before 2026.5.7 contains a privilege escalation vulnerability where the allowFrom feature improperly validates Discord account identity ...", "creation_timestamp": "2026-06-16T21:25:13.596688Z"}</description>
      <content:encoded>{"uuid": "66b04677-e9f1-4dfb-8a3c-9faf7673ae5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53849", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mogqe2tzjc2x", "content": "CVE-2026-53849 - OpenClaw\nCVE ID : CVE-2026-53849\n \n Published : June 16, 2026, 7:17 p.m. | 1\u00a0hour, 51\u00a0minutes ago\n \n Description : OpenClaw before 2026.5.7 contains a privilege escalation vulnerability where the allowFrom feature improperly validates Discord account identity ...", "creation_timestamp": "2026-06-16T21:25:13.596688Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/66b04677-e9f1-4dfb-8a3c-9faf7673ae5e/export</guid>
      <pubDate>Tue, 16 Jun 2026 21:25:13 +0000</pubDate>
    </item>
    <item>
      <title>b855431f-f23a-4fd2-89a9-3598a41e7764</title>
      <link>https://vulnerability.circl.lu/sighting/b855431f-f23a-4fd2-89a9-3598a41e7764/export</link>
      <description>{"uuid": "b855431f-f23a-4fd2-89a9-3598a41e7764", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53849", "type": "seen", "source": "https://gist.github.com/alon710/303180a576c9b715b0944ef26db287db", "content": "# CVE-2026-53849: CVE-2026-53849: Privilege Escalation and Authentication Bypass via Mutable Discord Display Names in OpenClaw allowFrom\n\n&amp;gt; **CVSS Score:** 8.6\n&amp;gt; **Published:** 2026-06-18\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-53849\n\n## Summary\nOpenClaw before version 2026.5.7 contains a security vulnerability where the allowFrom feature improperly validates Discord account identity using mutable display names rather than immutable user IDs. This allows remote attackers to bypass authorization controls and escalate privileges by changing their Discord display or global names to match a configured policy entry.\n\n## TL;DR\nOpenClaw before 2026.5.7 allows remote privilege escalation because its authentication policy checks mutable Discord display names instead of unique, immutable Snowflake IDs.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-290 (Authentication Bypass by Spoofing)\n- **Attack Vector**: Network (AV:N)\n- **CVSS Score**: 8.6 (High)\n- **EPSS Score**: 0.00213 (0.213%)\n- **Impact**: Privilege Escalation / Remote Command Execution\n- **Exploit Status**: Proof of Concept (PoC)\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- openclaw\n- **openclaw**: &amp;lt; 2026.5.7 (Fixed in: `2026.5.7`)\n\n## Mitigation\n\n- Upgrade openclaw dependency to version 2026.5.7 or later\n- Migrate allowFrom configurations from display names to static, immutable 18-digit Discord Snowflake IDs\n- Implement channel access restrictions inside Discord settings\n\n**Remediation Steps:**\n1. Identify any configuration files utilizing allowFrom\n2. Replace text-based display names with the matching Discord Snowflake IDs\n3. Run npm install openclaw@2026.5.7 to update the package\n4. Restart the OpenClaw service and monitor logs to verify successful startup\n\n## References\n\n- [GitHub Security Advisory](https://github.com/openclaw/openclaw/security/advisories/GHSA-cw4q-gqg5-g38h)\n- [VulnCheck Security Portal](https://www.vulncheck.com/advisories/openclaw-privilege-escalation-via-mutable-discord-display-names-in-allowfrom)\n- [CVE.org Record](https://www.cve.org/CVERecord?id=CVE-2026-53849)\n- [NVD reference](https://nvd.nist.gov/vuln/detail/CVE-2026-53849)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-53849) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-19T06:12:11.000000Z"}</description>
      <content:encoded>{"uuid": "b855431f-f23a-4fd2-89a9-3598a41e7764", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-53849", "type": "seen", "source": "https://gist.github.com/alon710/303180a576c9b715b0944ef26db287db", "content": "# CVE-2026-53849: CVE-2026-53849: Privilege Escalation and Authentication Bypass via Mutable Discord Display Names in OpenClaw allowFrom\n\n&amp;gt; **CVSS Score:** 8.6\n&amp;gt; **Published:** 2026-06-18\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-53849\n\n## Summary\nOpenClaw before version 2026.5.7 contains a security vulnerability where the allowFrom feature improperly validates Discord account identity using mutable display names rather than immutable user IDs. This allows remote attackers to bypass authorization controls and escalate privileges by changing their Discord display or global names to match a configured policy entry.\n\n## TL;DR\nOpenClaw before 2026.5.7 allows remote privilege escalation because its authentication policy checks mutable Discord display names instead of unique, immutable Snowflake IDs.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-290 (Authentication Bypass by Spoofing)\n- **Attack Vector**: Network (AV:N)\n- **CVSS Score**: 8.6 (High)\n- **EPSS Score**: 0.00213 (0.213%)\n- **Impact**: Privilege Escalation / Remote Command Execution\n- **Exploit Status**: Proof of Concept (PoC)\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- openclaw\n- **openclaw**: &amp;lt; 2026.5.7 (Fixed in: `2026.5.7`)\n\n## Mitigation\n\n- Upgrade openclaw dependency to version 2026.5.7 or later\n- Migrate allowFrom configurations from display names to static, immutable 18-digit Discord Snowflake IDs\n- Implement channel access restrictions inside Discord settings\n\n**Remediation Steps:**\n1. Identify any configuration files utilizing allowFrom\n2. Replace text-based display names with the matching Discord Snowflake IDs\n3. Run npm install openclaw@2026.5.7 to update the package\n4. Restart the OpenClaw service and monitor logs to verify successful startup\n\n## References\n\n- [GitHub Security Advisory](https://github.com/openclaw/openclaw/security/advisories/GHSA-cw4q-gqg5-g38h)\n- [VulnCheck Security Portal](https://www.vulncheck.com/advisories/openclaw-privilege-escalation-via-mutable-discord-display-names-in-allowfrom)\n- [CVE.org Record](https://www.cve.org/CVERecord?id=CVE-2026-53849)\n- [NVD reference](https://nvd.nist.gov/vuln/detail/CVE-2026-53849)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-53849) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-19T06:12:11.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b855431f-f23a-4fd2-89a9-3598a41e7764/export</guid>
      <pubDate>Fri, 19 Jun 2026 06:12:11 +0000</pubDate>
    </item>
  </channel>
</rss>
