Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-32973 | 1 Openclaw | 1 Openclaw | 2026-03-30 | N/A | 9.8 CRITICAL |
| OpenClaw before 2026.3.11 contains an exec allowlist bypass vulnerability where matchesExecAllowlistPattern improperly normalizes patterns with lowercasing and glob matching that overmatches on POSIX paths. Attackers can exploit the ? wildcard matching across path segments to execute commands or paths not intended by operators. | |||||
| CVE-2026-23651 | 1 Microsoft | 1 Aci Confidential Containers | 2026-03-16 | N/A | 6.7 MEDIUM |
| Permissive regular expression in Azure Compute Gallery allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2023-6544 | 2024-11-21 | N/A | 5.4 MEDIUM | ||
| A flaw was found in the Keycloak package. This issue occurs due to a permissive regular expression hardcoded for filtering which allows hosts to register a dynamic client. A malicious user with enough information about the environment could jeopardize an environment with this specific Dynamic Client Registration and TrustedDomain configuration previously unauthorized. | |||||