MEDIUM 4.4 CVE-2026-55650 Outerbase Studio: Stored XSS in Text Widget Leads to Authentication Token Exposure
MEDIUM 6.1 Allure Report: Stored XSS via unescaped ANSI helper in status message/trace rendering
MEDIUM 6.2 Allure Report: Path Traversal in HTTP Server Allows Arbitrary File Read
MEDIUM 5.3 NL Portal Backend Libraries: Unauthenticated form resolver forwards the privileged Objecten-API token to a caller-supplied URL (SSRF)
CRITICAL 9.9 Network-AI: Improper Neutralization of Special Elements used in an OS Command
CRITICAL 9.1 Network-AI: CVE-2026-46701 fix incomplete — empty default secret still authorizes all requests
MEDIUM 5.3 ts-deepmerge: Prototype Method Override leads to DoS
MEDIUM 5.8 Signal K Server: Server-Side Request Forgery via Remote Connection Endpoints
CRITICAL 9.8 gemini-mcp-tool vulnerable to OS command injection and @file exfiltration via prompt quoting (CVE-2026-0755)
MEDIUM 5.4 OpenClaw: Empty-scope device re-pairing could confuse caller scope containment
MEDIUM 4.2 OpenClaw: BlueBubbles sender policy could match mutable conversation identifiers
MEDIUM 6.5 OpenClaw: memory-wiki shared search could miss session visibility checks
MEDIUM 5.5 OpenClaw: Config recovery could restore openclaw.json with broad file permissions
MEDIUM 4.3 OpenClaw: Skill-command dispatch could skip before-tool-call hooks
MEDIUM 6.1 OpenClaw: Exported session HTML could keep unsafe markdown links
MEDIUM 5.3 OpenClaw: Slack reaction events could ignore reaction notification settings
MEDIUM 4.2 OpenClaw: Bootstrap token replay could widen pending pairing scopes
MEDIUM 6.5 OpenClaw: Hostname checks could treat trailing-dot hosts inconsistently
MEDIUM 4.3 OpenClaw: Exec allowlist could miss side effects from transparent command wrappers
MEDIUM 6.5 NL Portal Backend Libraries: Document contents remained downloadable by any logged-in user (incomplete fix of CVE-2026-49463)
MEDIUM 6.6 OpenClaw: macOS Swift exec allowlist missed combined POSIX inline flags
MEDIUM 5.4 Strimzi: Unrestricted access to all Secrets within namespace watched by the Topic operator
MEDIUM 5.9 undici vulnerable to HTTP header injection via Set-Cookie percent-decoding
MEDIUM 5.9 undici vulnerable to cross-user information disclosure via shared cache whitespace bypass
MEDIUM 6.5 Apache DolphinScheduler: An incorrect authorization vulnerability allows authenticated users to access alert instances associated with alert groups they do not have permission to access.