Security Intelligence
Feed

Real-time CVE tracking, exploit analysis, and vulnerability intelligence curated for security professionals.

316 New today

62,159 Total advisories

Live Monitoring

Daily Security Trends (Last 14 Days)

May 31

417

Jun 1

295

Jun 2

151

Jun 3

354

Jun 4

517

Jun 5

109

Jun 6

Jun 7

255

Jun 8

658

Jun 9

351

Jun 10

245

Jun 11

336

Jun 12

Jun 13

Critical

High

Medium

Low

Latest

CVE CVSS 6

OpenClaw < 2026.5.2 - Credential Exposure via Model-Supplied Loopback URLs in message.action Forwarding_CVE-2026-53827

OpenClaw before 2026.5.2 contains a credential exposure vulnerability in message.action forwarding that allows model-controlled metadata to forward action payloads with Gateway credentials to attacker-supplied loopback URLs. Remote attackers can intercept Gateway tokens and ac...

CVE-2026-53827 OpenClaw OpenClaw

Jun 12, 2026

Read analysis

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 2.3	CVE-2026-53826	OpenClaw < 2026.4.26 - Information Disclosure via Sandboxed Session Spawn_CVE-2026-53826 OpenClaw before 2026.4.26 contains an information disclosure vulnerability in sandboxed session spawning that exposes the real workspace path to ch...	OpenClaw	OpenClaw	Jun 12, 2026	CVE
HIGH 7.1	CVE-2026-53825	OpenClaw < 2026.4.7 - Arbitrary Local File Read via memory-wiki Ingest with operator.write Scope_CVE-2026-53825 OpenClaw before 2026.4.7 contains an arbitrary file read vulnerability in the memory-wiki ingest feature that allows authenticated Gateway operator...	OpenClaw	OpenClaw	Jun 12, 2026	CVE
MEDIUM 6	CVE-2026-53824	Mattermost < 2026.4.24 - Slash Token Revocation Lag via Monitor Refresh Delay_CVE-2026-53824 OpenClaw before 2026.4.24 contains a token revocation vulnerability allowing callers with revoked slash tokens to continue executing commands durin...	OpenClaw	OpenClaw	Jun 12, 2026	CVE
HIGH 8.6	CVE-2026-53823	OpenClaw < 2026.5.3 - Privilege Escalation via Mutable Slack Display Names in allowFrom_CVE-2026-53823 OpenClaw before 2026.5.3 contains a privilege escalation vulnerability in the allowFrom feature that binds to mutable Slack display names. Attacker...	OpenClaw	OpenClaw	Jun 12, 2026	CVE
HIGH 8.7	CVE-2026-53822	OpenClaw < 2026.5.18 - Command Argument Modification via Shell Wrapper Between Approval and Execution_CVE-2026-53822 OpenClaw before 2026.5.18 contains a command injection vulnerability where shell wrapper argv could change between approval and execution. Attacker...	OpenClaw	OpenClaw	Jun 12, 2026	CVE
HIGH 8.7	CVE-2026-53821	OpenClaw < 2026.5.18 - Scope Elevation in trusted-proxy Control UI WebSocket_CVE-2026-53821 OpenClaw before 2026.5.18 accepts WebSocket client-declared operator scopes before binding to server-approved pairing or trusted-proxy authorizatio...	OpenClaw	OpenClaw	Jun 12, 2026	CVE
MEDIUM 6.9	CVE-2026-53820	OpenClaw < 2026.5.12 - Exec Denylist Bypass in Bundle MCP Loopback Session Spawn_CVE-2026-53820 OpenClaw before 2026.5.12 contains an exec denylist bypass vulnerability in the bundle MCP loopback session-spawn path that allows authenticated ca...	OpenClaw	OpenClaw	Jun 12, 2026	CVE
MEDIUM 5.5	CVE-2025-7019	Avast antivirus stack overflow when scanning a malformed Office Open XML file_CVE-2025-7019 Stack overflow vulnerability in Avast Antivirus when scanning a malformed Office Open XML file may allow Denial-of-Service of the antivirus process...	Gen Digital	Avast Antivirus	Jun 12, 2026	CVE
MEDIUM 5.5	CVE-2025-7018	Avira antivirus engine null pointer dereference when scanning a malformed PE file_CVE-2025-7018 Null pointer dereference vulnerability in Avira Antivirus engine when scanning a malformed Windows PE file may allow Denial-of-Service of the antiv...	Gen Digital	Avira Antivirus	Jun 12, 2026	CVE

Security IntelligenceFeed

Daily Security Trends (Last 14 Days)

OpenClaw < 2026.5.2 - Credential Exposure via Model-Supplied Loopback URLs in message.action Forwarding_CVE-2026-53827

Recent Advisories

OpenClaw < 2026.4.26 - Information Disclosure via Sandboxed Session Spawn_CVE-2026-53826

OpenClaw < 2026.4.7 - Arbitrary Local File Read via memory-wiki Ingest with operator.write Scope_CVE-2026-53825

Mattermost < 2026.4.24 - Slash Token Revocation Lag via Monitor Refresh Delay_CVE-2026-53824

OpenClaw < 2026.5.3 - Privilege Escalation via Mutable Slack Display Names in allowFrom_CVE-2026-53823

OpenClaw < 2026.5.18 - Command Argument Modification via Shell Wrapper Between Approval and Execution_CVE-2026-53822

OpenClaw < 2026.5.18 - Scope Elevation in trusted-proxy Control UI WebSocket_CVE-2026-53821

OpenClaw < 2026.5.12 - Exec Denylist Bypass in Bundle MCP Loopback Session Spawn_CVE-2026-53820

Avast antivirus stack overflow when scanning a malformed Office Open XML file_CVE-2025-7019

Avira antivirus engine null pointer dereference when scanning a malformed PE file_CVE-2025-7018

Protect Your Attack Surface with RedGem

Security Intelligence
Feed