NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-45577	Neotoma provides versioned records that persist across agent runs. From 0.6.0 to before 0.11.1, Neotoma can treat public reverse-proxied requests as l...	2026-05-29	6.9	NETWORK	MEDIUM	NVD
CVE-2026-44697	Klever-Go is the Go implementation of the Klever blockchain protocol. Prior to 1.7.17, a remote, unauthenticated denial-of-service vulnerability in Ba...	2026-05-29	8.6	NETWORK	HIGH	NVD
CVE-2026-48501	GitHub CLI (gh) is GitHub’s official command line tool. Prior to 2.93.0, GitHub CLI incorrectly includes authorization header in API requests to TUF r...	2026-05-29	7.4	NETWORK	HIGH	NVD
CVE-2026-44962	Plesk contains an XPath injection vulnerability in the APS Application Catalog search functionality, where user-supplied input is interpolated into XP...	2026-05-29	9.9	NETWORK	CRITICAL	NVD
CVE-2026-39276	The template upload feature in Emlog Pro v2.6.9 has a path traversal vulnerability, allowing authenticated administrators to execute arbitrary PHP cod...	2026-05-29	7.2	NETWORK	HIGH	NVD
CVE-2026-35674	OpenClaw before 2026.5.18 contains a scope bypass vulnerability in the Gateway chat.send route that allows scoped clients to execute privileged comman...	2026-05-29	8.8	NETWORK	HIGH	NVD
CVE-2026-35673	OpenClaw before 2026.4.29 contains an SSRF policy bypass vulnerability in browser debug and export routes that allows reuse of already-open blocked ta...	2026-05-29	6.5	NETWORK	MEDIUM	NVD
CVE-2026-35630	OpenClaw before 2026.5.18 contains an authorization bypass vulnerability in QQBot native approval buttons that fails to enforce configured approver id...	2026-05-29	8.0	NETWORK	HIGH	NVD
CVE-2026-34507	OpenClaw before 2026.4.29 contains a policy bypass vulnerability in QQBot admin commands that allows authenticated senders to skip DM-only and allowFr...	2026-05-29	5.4	NETWORK	MEDIUM	NVD
CVE-2026-32906	OpenClaw before 2026.5.12 contains a privilege escalation vulnerability in Slack plugin approvals that allows exec-authorized users to resolve plugin ...	2026-05-29	4.3	NETWORK	MEDIUM	NVD
CVE-2026-32905	OpenClaw before 2026.5.4 contains an authorization bypass vulnerability in the bundled device-pair plugin that allows non-owner authorized chat sender...	2026-05-29	8.3	NETWORK	HIGH	NVD
CVE-2026-10101	ACM/MCE assisted-service writes raw referenced pull-secret contents into `InfraEnv.status.conditions[].message` when pull-secret validation fails. A n...	2026-05-29	6.3	NETWORK	MEDIUM	NVD
CVE-2026-10099	XX-Net V5.16.6 contains a WebSocket frame parsing vulnerability in the WebSocket_receive_worker routine of simple_http_server.py that allows attackers...	2026-05-29	4.0	LOCAL	MEDIUM	NVD
CVE-2026-10064	A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. This affects the function formSetPortTr of the file /goform/formSetPortTr. Perform...	2026-05-29	6.3	NETWORK	MEDIUM	NVD
CVE-2018-25396	Heatmiser Wifi Thermostat 1.7 contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve administrative credenti...	2026-05-29	7.5	NETWORK	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.