Résumé
OpenClaw: memory-wiki shared search could miss session visibility checks
Références
Vulnérabilités liées
Tout Supply chain →- MEDIUMGHSA-MPC8-JXJH-QPGH
OpenClaw: Focus command could miss controlScope enforcement
- HIGHGHSA-HJWC-26PJ-V3PM
AgenticMail: Cross-agent task authorization bypass in AgenticMail API
- HIGHGHSA-J8CV-X86Q-RJ85
Pipecat: Telephony WebSocket `/ws` Unauthenticated Call-Control Abuse via Attacker-Supplied Call SID
- HIGHGHSA-R3W8-2C5R-H9J9
Kirby: `pages.access` permission is not checked in the `site/find` REST API route
- MEDIUMGHSA-89CP-7P28-JFFG
Kirby: Access to files of top-level drafts is not protected by permissions
- MEDIUMGHSA-23Q2-54QV-RQ5X
Kirby: `pages.access` permission is not checked in the pages picker for parent pages