VYPR

Canvas

by Cnvs

CVEs (5)

  • CVE-2026-3690HigApr 11, 2026
    risk 0.41cvss 7.4epss 0.01

    OpenClaw Canvas Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of OpenClaw. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of…

  • CVE-2018-15004MedDec 28, 2018
    risk 0.38cvss 5.9epss 0.01

    The Coolpad Canvas device with a build fingerprint of Coolpad/cp3636a/cp3636a:7.0/NRD90M/093031423:user/release-keys contains a platform app with a package name of com.qualcomm.qti.modemtestmode (versionCode=24, versionName=7.0) that contains an exported service app component…

  • CVE-2026-3689MedApr 11, 2026
    risk 0.35cvss 6.5epss 0.01

    OpenClaw Canvas Path Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of OpenClaw. Authentication is required to exploit this vulnerability. The specific flaw exists within the…

  • CVE-2017-8298MedApr 27, 2017
    risk 0.35cvss 5.4epss 0.01

    cnvs.io Canvas 3.3.0 has XSS in the title and content fields of a "Posts > Add New" action, and during creation of new tags and users.

  • CVE-2026-1553Feb 4, 2026
    risk 0.00cvss epss 0.00

    Incorrect Authorization vulnerability in Drupal Drupal Canvas allows Forceful Browsing.This issue affects Drupal Canvas: from 0.0.0 before 1.0.4.