🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-35632 | High | 7.1 |
OpenClaw through 2026.2.22 contains a symlink traversal vulnerability in agents.create and agents.update handlers that u…
|
⚡ Exploit | Apr 9, 2026 |
| CVE-2026-4878 | Medium | 6.7 |
A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition…
|
— | Apr 9, 2026 |
| CVE-2026-33791 | Medium | 6.7 |
An OS Command Injection vulnerability in the CLI processing of Juniper Networks Junos OS and Junos OS Evolved allows a l…
|
— | Apr 9, 2026 |
| CVE-2026-21915 | Medium | 6.7 |
A Permissive List of Allowed Input vulnerability in the CLI of Juniper Networks Support Insights (JSI) Virtual Lightweig…
|
— | Apr 9, 2026 |
| CVE-2026-5959 | Medium | 6.6 |
A security flaw has been discovered in GL.iNet GL-RM1, GL-RM10, GL-RM10RC and GL-RM1PE 1.8.1. Affected by this issue is …
|
— | Apr 9, 2026 |
| CVE-2026-33782 | Medium | 6.5 |
A Missing Release of Memory after Effective Lifetime vulnerability in the DHCP daemon (jdhcpd) of Juniper Networks Junos…
|
— | Apr 9, 2026 |
| CVE-2026-33774 | Medium | 6.5 |
An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper N…
|
— | Apr 9, 2026 |
| CVE-2026-33775 | Medium | 6.5 |
A Missing Release of Memory after Effective Lifetime vulnerability in the BroadBand Edge subscriber management daemon (b…
|
— | Apr 9, 2026 |
| CVE-2025-59969 | Medium | 6.5 |
A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in the advanced forwarding toolki…
|
— | Apr 9, 2026 |
| CVE-2026-35636 | Medium | 6.5 |
OpenClaw versions 2026.3.11 through 2026.3.24 contain a session isolation bypass vulnerability where session_status reso…
|
— | Apr 9, 2026 |
| CVE-2026-33781 | Medium | 6.5 |
An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper N…
|
— | Apr 9, 2026 |
| CVE-2026-35644 | Medium | 6.5 |
OpenClaw before 2026.3.22 contains an information disclosure vulnerability that allows attackers with operator.read scop…
|
— | Apr 9, 2026 |
| CVE-2026-35618 | Medium | 6.5 |
OpenClaw before 2026.3.23 contains a replay identity vulnerability in Plivo V2 signature verification that allows attack…
|
— | Apr 9, 2026 |
| CVE-2026-35631 | Medium | 6.5 |
OpenClaw before 2026.3.22 fails to enforce operator.admin scope on mutating internal ACP chat commands, allowing unautho…
|
— | Apr 9, 2026 |
| CVE-2026-33783 | Medium | 6.5 |
A Function Call With Incorrect Argument Type vulnerability in the sensor interface of Juniper Networks Junos OS Evolved …
|
— | Apr 9, 2026 |
| CVE-2026-33780 | Medium | 6.5 |
A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Jun…
|
— | Apr 9, 2026 |
| CVE-2026-21919 | Medium | 6.5 |
An Incorrect Synchronization vulnerability in the management daemon (mgd) of Juniper Networks Junos OS and Junos OS Evol…
|
— | Apr 9, 2026 |
| CVE-2026-33779 | Medium | 6.5 |
An Improper Following of a Certificate's Chain of Trust vulnerability in J-Web of Juniper Networks Junos OS on SRX Serie…
|
— | Apr 9, 2026 |
| CVE-2026-35627 | Medium | 6.5 |
OpenClaw before 2026.3.22 performs cryptographic and dispatch operations on inbound Nostr direct messages before enforci…
|
— | Apr 9, 2026 |
| CVE-2026-3005 | Medium | 6.4 |
The List category posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'catlist' sho…
|
— | Apr 9, 2026 |