VYPR

CVEs

100,082 total · page 100 of 2,002

  • CVE-2026-7363HigApr 28, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in Canvas in Google Chrome on Linux, ChromeOS prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical)

  • CVE-2026-7361HigApr 28, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in iOS in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

  • CVE-2026-7359HigApr 28, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in ANGLE in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-7358HigApr 28, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in Animation in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-7357HigApr 28, 2026
    risk 0.49cvss 7.5epss 0.00

    Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-7356HigApr 28, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in Navigation in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-7355HigApr 28, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in Media in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-7354HigApr 28, 2026
    risk 0.57cvss 8.8epss 0.00

    Out of bounds read and write in Angle in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-7353HigApr 28, 2026
    risk 0.54cvss 8.3epss 0.00

    Heap buffer overflow in Skia in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-7352HigApr 28, 2026
    risk 0.54cvss 8.3epss 0.00

    Use after free in Media in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-7350HigApr 28, 2026
    risk 0.54cvss 8.3epss 0.00

    Use after free in WebMIDI in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-7349HigApr 28, 2026
    risk 0.49cvss 7.5epss 0.00

    Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via malicious network traffic. (Chromium security severity: High)

  • CVE-2026-7348HigApr 28, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in Codecs in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-7347HigApr 28, 2026
    risk 0.53cvss 8.1epss 0.00

    Use after free in Chromoting in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: High)

  • CVE-2026-7346HigApr 28, 2026
    risk 0.53cvss 8.1epss 0.00

    Inappropriate implementation in Tint in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-7345HigApr 28, 2026
    risk 0.54cvss 8.3epss 0.00

    Insufficient validation of untrusted input in Feedback in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-7344HigApr 28, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in Accessibility in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

  • CVE-2026-7343HigApr 28, 2026
    risk 0.49cvss 7.5epss 0.00

    Use after free in Views in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

  • CVE-2026-7342HigApr 28, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in WebView in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-7341HigApr 28, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-7339HigApr 28, 2026
    risk 0.57cvss 8.8epss 0.00

    Heap buffer overflow in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-7338HigApr 28, 2026
    risk 0.49cvss 7.5epss 0.00

    Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: High)

  • CVE-2026-7337HigApr 28, 2026
    risk 0.57cvss 8.8epss 0.00

    Type Confusion in V8 in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-7336HigApr 28, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-7335HigApr 28, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in media in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-7334HigApr 28, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in Views in Google Chrome on Mac prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-42167HigApr 28, 2026
    risk 0.46cvss 8.1epss 0.04

    mod_sql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands (e.g., COPY TO PROGRAM).

  • CVE-2026-7319HigApr 28, 2026
    risk 0.47cvss 7.3epss 0.01

    A flaw has been found in elinsky execution-system-mcp 0.1.0. The impacted element is the function _get_context_file_path of the file src/execution_system_mcp/server.py of the component add_action Tool. This manipulation of the argument context causes path traversal. The attack…

  • CVE-2026-7316HigApr 28, 2026
    risk 0.48cvss 7.3epss 0.01

    A vulnerability has been found in eiliyaabedini aider-mcp up to 667b914301aada695aab0e46d1fb3a7d5e32c8af. Affected is an unknown function of the file aider_mcp.py of the component code_with_ai. The manipulation of the argument working_dir/editable_files leads to command…

  • CVE-2026-7315HigApr 28, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in eiceblue spire-pdf-mcp-server 0.1.1. This impacts the function get_pdf_path of the file src/spire_pdf_mcp/server.py of the component PDF File Handler. Executing a manipulation of the argument filepath can lead to path traversal. The attack can be…

  • CVE-2026-7314HigApr 28, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in eiceblue spire-doc-mcp-server 1.0.0. This affects the function get_doc_path of the file src/spire_doc_mcp/api/base.py. Performing a manipulation of the argument document_name results in path traversal. The attack can be initiated remotely. The…

  • CVE-2026-41649HigApr 28, 2026
    risk 0.43cvss 7.7epss 0.00

    Outline is a service that allows for collaborative documentation. The `shares.create` API endpoint starting in version 0.86.0 and prior to version 1.7.0 has an insecure direct object reference.. When both `collectionId` and `documentId` are provided in the request, the…

  • CVE-2026-42432HigApr 28, 2026
    risk 0.44cvss 7.8epss 0.00

    OpenClaw before 2026.4.8 contains a privilege escalation vulnerability allowing previously paired nodes to reconnect with exec-capable commands without the operator.admin scope requirement. Attackers can bypass re-pairing authentication to execute privileged commands on the…

  • CVE-2026-42431HigApr 28, 2026
    risk 0.46cvss 8.1epss 0.00

    OpenClaw before 2026.4.8 contains a security bypass vulnerability in node.invoke(browser.proxy) that allows mutation of persistent browser profiles. Attackers can exploit this path to circumvent the browser.request persistent profile-mutation guard and modify browser…

  • CVE-2026-42429HigApr 28, 2026
    risk 0.39cvss 7.1epss 0.00

    OpenClaw before 2026.4.8 contains a privilege escalation vulnerability in the gateway plugin HTTP authentication mechanism that escalates identity-bearing operator.read requests to runtime operator.write permissions. Attackers can exploit this by sending read-scoped requests…

  • CVE-2026-42428HigApr 28, 2026
    risk 0.39cvss 7.1epss 0.00

    OpenClaw versions before 2026.4.8 fail to enforce integrity verification on downloaded plugin archives. Attackers can install malicious or tampered plugin packages without detection, compromising the local assistant environment.

  • CVE-2026-42426HigApr 28, 2026
    risk 0.50cvss 8.8epss 0.00

    OpenClaw before 2026.4.8 contains an improper authorization vulnerability where the node.pair.approve method accepts operator.write scope instead of the narrower operator.pairing scope, allowing unprivileged users to approve node pairing. Attackers with operator.write…

  • CVE-2026-42423HigApr 28, 2026
    risk 0.42cvss 7.5epss 0.00

    OpenClaw before 2026.4.8 contains an approval-timeout fallback mechanism that bypasses strictInlineEval explicit-approval requirements on gateway and node exec hosts. Attackers can exploit this timeout fallback to execute inline eval commands that should require explicit user…

  • CVE-2026-42422HigApr 28, 2026
    risk 0.50cvss 8.8epss 0.00

    OpenClaw before 2026.4.8 contains a role bypass vulnerability in the device.token.rotate function that allows minting tokens for unapproved roles. Attackers can bypass device role-upgrade pairing to preserve or mint roles and scopes that had not undergone intended approval.

  • CVE-2026-41914HigApr 28, 2026
    risk 0.48cvss 8.5epss 0.00

    OpenClaw before 2026.4.8 contains a server-side request forgery vulnerability in QQ Bot media download paths that bypass SSRF protection. Attackers can exploit unprotected media fetch endpoints to access internal resources and bypass allowlist policies.

  • CVE-2026-41912HigApr 28, 2026
    risk 0.42cvss 7.6epss 0.00

    OpenClaw before 2026.4.8 contains a server-side request forgery policy bypass vulnerability allowing attackers to trigger navigations bypassing normal SSRF checks. Attackers can exploit browser interactions to bypass SSRF protections and access restricted resources.

  • CVE-2026-41405HigApr 28, 2026
    risk 0.42cvss 7.5epss 0.00

    OpenClaw before 2026.3.31 parses MS Teams webhook request bodies before performing JWT validation, allowing unauthenticated attackers to trigger resource exhaustion. Remote attackers can send malicious Teams webhook payloads to exhaust server resources by bypassing…

  • CVE-2026-41404HigApr 28, 2026
    risk 0.50cvss 8.8epss 0.00

    OpenClaw before 2026.3.31 contains an incomplete scope-clearing vulnerability in trusted-proxy authentication mode that allows operator.admin privilege escalation. Attackers can exploit this by declaring operator scopes on non-Control-UI clients, allowing self-declared scopes to…

  • CVE-2026-41399HigApr 28, 2026
    risk 0.42cvss 7.5epss 0.00

    OpenClaw before 2026.3.28 accepts unbounded concurrent unauthenticated WebSocket upgrades without pre-authentication budget allocation. Unauthenticated network attackers can exhaust socket and worker capacity to disrupt WebSocket availability for legitimate clients.

  • CVE-2026-41396HigApr 28, 2026
    risk 0.44cvss 7.8epss 0.00

    OpenClaw before 2026.3.31 allows workspace .env files to override the OPENCLAW_BUNDLED_PLUGINS_DIR environment variable, compromising plugin trust verification. Attackers with control over workspace configuration can inject malicious plugins by overriding the bundled plugin…

  • CVE-2026-41395HigApr 28, 2026
    risk 0.42cvss 7.5epss 0.00

    OpenClaw before 2026.3.28 contains a webhook replay vulnerability in Plivo V3 signature verification that canonicalizes query ordering for signatures but hashes raw URLs for replay detection. Attackers can reorder query parameters to bypass replay cache detection and trigger…

  • CVE-2026-41394HigApr 28, 2026
    risk 0.46cvss 8.2epss 0.00

    OpenClaw before 2026.3.31 contains an authentication bypass vulnerability where unauthenticated plugin-auth HTTP routes receive operator runtime write scopes. Attackers can access these routes without authentication to perform privileged runtime actions intended for authorized…

  • CVE-2026-41390HigApr 28, 2026
    risk 0.40cvss 7.3epss 0.00

    OpenClaw before 2026.3.28 contains an exec allowlist bypass vulnerability where allow-always persistence fails to unwrap /usr/bin/script and similar wrappers before storing trust decisions. Attackers can obtain user approval for one wrapped command to persist trust for wrapper…

  • CVE-2026-41387HigApr 28, 2026
    risk 0.44cvss 7.8epss 0.00

    OpenClaw before 2026.3.22 contains an incomplete host environment variable sanitization vulnerability in host-env-security-policy.json and host-env-security.ts that allows package-manager environment overrides. Attackers can exploit approved exec requests to redirect package…

  • CVE-2026-41384HigApr 28, 2026
    risk 0.44cvss 7.8epss 0.00

    OpenClaw before 2026.3.24 contains an environment variable injection vulnerability in the CLI backend runner that allows attackers to inject malicious environment variables through workspace configuration. Attackers can craft malicious workspace configs to inject arbitrary…