快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 359408
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-26327 |
OpenClaw allows unauthenticated discovery TXT records to steer routing and TLS pinning
|
HIGH | 7.1 | 2026-02-19 |
openclaw openclaw
openclaw openclaw
|
CVE NVD | |
| CVE-2026-26326 |
OpenClaw skills.status could leak secrets to operator.read clients
|
MEDIUM | 5.3 | 2026-02-19 |
openclaw openclaw
openclaw openclaw
|
CVE NVD | |
| CVE-2026-26325 |
OpenClaw Node host system.run rawCommand/command mismatch can bypass allowlist/approvals
|
HIGH | 7.2 | 2026-02-19 |
openclaw openclaw
openclaw openclaw
|
CVE NVD | |
| CVE-2026-26953 |
Pi-hole Web Interface has Stored HTML Injection via X-Forwarded-For Header in Active Sessions Table
|
MEDIUM | 5.4 | 2026-02-19 |
pi-hole web
|
CVE NVD | |
| CVE-2026-26324 |
OpenClaw has a SSRF guard bypass via full-form IPv4-mapped IPv6 (loopback / metadata reachable)
|
HIGH | 7.5 | 2026-02-19 |
openclaw openclaw
openclaw openclaw
|
CVE NVD | |
| CVE-2026-26323 |
OpenClaw has a command injection in maintainer clawtributors updater
|
HIGH | 8.6 | 2026-02-19 |
openclaw openclaw
openclaw openclaw
|
CVE NVD | |
| CVE-2026-26952 |
Pi-hole Web Interface has Stored HTML Injection via Local DNS Records (CNAME/Hosts) in data-tag Attribute
|
MEDIUM | 5.4 | 2026-02-19 |
pi-hole web
|
CVE NVD | |
| CVE-2026-1658 |
Content spoofing vulnerability discovered in OpenText™ Directory Services
|
MEDIUM | 5.3 | 2026-02-19 |
OpenText™ Directory Services
opentext directory_services
|
CVE NVD | |
| CVE-2025-9208 |
Stored-XSS vulnerability discovered in OpenText WSM Management Server.
|
HIGH | 7.5 | 2026-02-19 |
OpenText™ Web Site Management Server
OpenText™ Web Site Management Server
+2个
|
CVE NVD | |
| CVE-2025-13671 |
Cross Site request forgery vulnerability discovered in OpenText WSM Management Server.
|
MEDIUM | 5.9 | 2026-02-19 |
OpenText™ Web Site Management Server
OpenText™ Web Site Management Server
+2个
|
CVE NVD | |
| CVE-2025-13672 |
Reflected Cross-Site Scripting discovered in OpenText WSM Management Server.
|
HIGH | 7.0 | 2026-02-19 |
OpenText™ Web Site Management Server
OpenText™ Web Site Management Server
+2个
|
CVE NVD | |
| CVE-2026-26322 |
OpenClaw Gateway tool allowed unrestricted gatewayUrl override
|
HIGH | 7.6 | 2026-02-19 |
openclaw openclaw
openclaw openclaw
|
CVE NVD | |
| CVE-2026-26321 |
OpenClaw has a local file disclosure via sendMediaFeishu in Feishu extension
|
HIGH | 7.5 | 2026-02-19 |
openclaw openclaw
openclaw openclaw
|
CVE NVD | |
| CVE-2026-24122 |
Cosign Certificate Chain Expiry Validation Issue Allows Issuing Certificate Expiry to Be Overlooked
|
LOW | 3.7 | 2026-02-19 |
sigstore cosign
sigstore cosign
|
CVE NVD | |
| CVE-2026-26320 |
OpenClaw macOS deep link confirmation truncation can conceal executed agent message
|
HIGH | 7.1 | 2026-02-19 |
openclaw openclaw
openclaw openclaw
|
CVE NVD | |
| CVE-2025-8054 |
Path Traversal vulnerability have been discovered in OpenText™ XM Fax.
|
HIGH | 7.1 | 2026-02-19 |
OpenText™ XM Fax
opentext xm_fax
|
CVE NVD | |
| CVE-2025-8055 |
SSRF vulnerability have been discovered in OpenText™ XM Fax
|
MEDIUM | 5.3 | 2026-02-19 |
OpenText™ XM Fax
opentext xm_fax
|
CVE NVD | |
| CVE-2026-21535 |
Microsoft Teams Information Disclosure Vulnerability
|
HIGH | 8.2 | 2026-02-19 |
Microsoft Microsoft Teams
microsoft teams
|
CVE NVD | |
| CVE-2026-26319 |
OpenClaw has Missing Webhook Authentication in Telnyx Provider Allowing Unauthenticated Requests
|
HIGH | 7.5 | 2026-02-19 |
openclaw openclaw
openclaw openclaw
|
CVE NVD | |
| CVE-2026-26317 |
OpenClaw affected by cross-site request forgery (CSRF) through loopback browser mutation endpoints
|
HIGH | 7.1 | 2026-02-19 |
openclaw openclaw
openclaw clawdbot
+1个
|
CVE NVD |