CVE.report search for "CVE-2026-59151"
Listed below are 50 relevant search results for "CVE-2026-59151" based on Vendor, Software, and CVE description
These results are gathered from attempted matches with listed vendor and software data, as well as a keyword search in the description of all known CVEs.
If you notice a "Not Listed" in either the vendor or software columns, the underlying source record does not currently include normalized affected-product data.
Search Results
| CVE ID | Vendor | Software | Description |
|---|---|---|---|
| CVE-2026-62200 | OpenClaw versions before 2026.6.1 contain a flaw in host exec environment filtering that could allow Git ext transport to be ... | ||
| CVE-2026-62199 | OpenClaw versions before 2026.6.6 contain a flaw in host exec environment filtering that can miss interpreter startup variabl... | ||
| CVE-2026-62198 | OpenClaw versions 2026.5.28 before 2026.6.6 contain an authorization bypass vulnerability in native web search that allows lo... | ||
| CVE-2026-62197 | OpenClaw before 2026.6.6 contains a policy bypass vulnerability in browser CDP discovery that accepts blocked WebSocket URLs.... | ||
| CVE-2026-62196 | OpenClaw versions 2026.3.22 before 2026.6.6 contain an authorization bypass vulnerability where WhatsApp group IDs can satisf... | ||
| CVE-2026-62195 | OpenClaw versions 2026.5.20 before 2026.6.6 contain an authorization bypass vulnerability in the MCP loopback feature that al... | ||
| CVE-2026-62194 | OpenClaw versions 2026.5.20 before 2026.6.9 contain a privilege escalation vulnerability in plugin install commands that allo... | ||
| CVE-2026-62193 | OpenClaw versions 2026.6.5 before 2026.6.9 contain a vulnerability in the plugin install wrappers that could skip the install... | ||
| CVE-2026-62192 | OpenClaw versions 2026.6.6 before 2026.6.9 contain an authorization bypass vulnerability in Discord guild actions that allows... | ||
| CVE-2026-62191 | OpenClaw versions 2026.6.6 before 2026.6.9 contain an authorization bypass vulnerability in message mutation handling that al... | ||
| CVE-2026-62190 | OpenClaw versions before 2026.6.9 contain an authorization bypass vulnerability in the flock wrapper that allows lower-trust ... | ||
| CVE-2026-62189 | OpenClaw versions before 2026.6.9 contain a symlink following vulnerability in the mirror sync feature that allows lower-trus... | ||
| CVE-2026-62188 | OpenClaw @openclaw/feishu versions 2026.6.6 and earlier contain an incorrect authorization vulnerability in which the Feishu ... | ||
| CVE-2026-62187 | OpenClaw Feishu tools (npm package @openclaw/feishu) in versions <= 2026.6.6 could ignore per-account disablement. A lower-tr... | ||
| CVE-2026-62186 | OpenClaw versions before 2026.6.8 contain an authorization bypass vulnerability in OpenAI-compatible HTTP model overrides tha... | ||
| CVE-2026-61692 | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-61454. Reason: This candidate is a dupli... | ||
| CVE-2026-61492 | Jetbrains | Youtrack | In JetBrains YouTrack before 2026.2.17394 stored XSS via article titles in digest emails was possible |
| CVE-2026-60104 | Bitwarden Server before 2026.6.0 does not verify that the email in a POST /auth-requests/admin-request body belongs to the au... | ||
| CVE-2026-59828 | Discourse | Discourse | Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, post revisions that sho... |
| CVE-2026-59805 | Gumroad before 2026.07.06.2 contains a broken access control vulnerability in the PurchasesController that allows authenticat... | ||
| CVE-2026-59800 | 9Router before 0.4.44 contains an OS command injection vulnerability in the unauthenticated POST /api/tunnel/tailscale-instal... | ||
| CVE-2026-59796 | Jetbrains | Teamcity | In JetBrains TeamCity before 2026.1.2 pipeline modification was possible due to improper permission checks |
| CVE-2026-59795 | Jetbrains | Teamcity | In JetBrains TeamCity before 2026.1.2 stored XSS via unauthenticated agent registration was possible |
| CVE-2026-59794 | Jetbrains | Teamcity | In JetBrains TeamCity before 2026.1.2 stored XSS on the cloud profile page was possible via agent-reported data |
| CVE-2026-59793 | Jetbrains | Teamcity | In JetBrains TeamCity before 2026.1.2 arbitrary file access was possible via the Perforce VCS integration |
| CVE-2026-59792 | Jetbrains | Intellij Idea | In JetBrains IntelliJ IDEA before 2026.1.4, 2026.2 code execution via path traversal in project workspace ID handling was po... |
| CVE-2026-59791 | Jetbrains | Youtrack | In JetBrains YouTrack before 2026.2.17012 cSS injection via Mermaid diagram rendering was possible |
| CVE-2026-59721 | Hoppscotch is an open source API development ecosystem. Prior to 2026.6.0, the updateInfraConfigs GraphQL mutation in admin/i... | ||
| CVE-2026-59720 | Hoppscotch is an open source API development ecosystem. Prior to 2026.6.0, mock server creation in mock-server.service.ts doe... | ||
| CVE-2026-59261 | Openclaw | Openclaw | OpenClaw before 2026.5.28 contains a credential exposure vulnerability where workspace dotenv files can override provider cre... |
| CVE-2026-58465 | Eclipse Wakaama before snapshot/2026-05-26 contains an unbounded memory allocation vulnerability in the CoAP Block1 handler w... | ||
| CVE-2026-58448 | yudao-cloud before 2026.06 contains a broken access control vulnerability in the BPM module that allows any authenticated use... | ||
| CVE-2026-58374 | W1.fi | Hostapd | In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 (IEEE 802.11be) Multi-Link Operation (MLO) association requ... |
| CVE-2026-57950 | ruoyi-vue-pro through 2026.05, fixed in commit 5d1fd70 contains a broken access control vulnerability in ErpSaleOrderControll... | ||
| CVE-2026-57949 | ruoyi-vue-pro through 2026.05, fixed in commit c779a47, contains a missing authorization vulnerability in the CRM module's GE... | ||
| CVE-2026-57926 | Jetbrains | Youtrack | In JetBrains YouTrack before 2026.2.16593 the websandbox bridge was vulnerable to a prototype pollution attack |
| CVE-2026-57925 | Jetbrains | Youtrack | In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading saved queries and tags |
| CVE-2026-57924 | Jetbrains | Youtrack | In JetBrains YouTrack before 2026.2.16593 default role configuration exposed excessive user profile details |
| CVE-2026-57923 | Jetbrains | Youtrack | In JetBrains YouTrack before 2026.2.16593 improper authorisation in the app configurations endpoint allowed modifying project... |
| CVE-2026-57922 | Jetbrains | Youtrack | In JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possible |
| CVE-2026-57921 | Jetbrains | Youtrack | In JetBrains YouTrack before 2026.2.16593 improper access control allowed reading users' private data via the comment templat... |
| CVE-2026-57920 | Peplink | Intcontrol 2 | Peplink InControl 2 through 2.14.2 before 2026-06-03 allows use of a semicolon to bypass access-control rules for certain /re... |
| CVE-2026-57913 | Johnson & Johnson Audit Tracking Management System (ATMS) before 2026-04-21 allows viewing of meeting minutes and transcripts... | ||
| CVE-2026-57575 | Misskey is an open source, federated social media platform. Prior to 2026.6.0, Misskey contains a Server-Side Request Forgery... | ||
| CVE-2026-57574 | Misskey is an open source, federated social media platform. Prior to 2026.6.0, Misskey contains a vulnerability in Time-based... | ||
| CVE-2026-57522 | Bitwarden | Server | Bitwarden Server before 2026.5.0 contains a JSON injection vulnerability in IntegrationTemplateProcessor.ReplaceTokens(), whi... |
| CVE-2026-57521 | Bitwarden | Server | Bitwarden Server before 2026.5.0 contains a broken access control vulnerability that allows any authenticated user to access ... |
| CVE-2026-57520 | Bitwarden | Server | Bitwarden Server before 2026.5.0 contains a privilege escalation vulnerability that allows authenticated Custom users with Ma... |
| CVE-2026-57476 | Deloitte AI Assist for Customer exposed unauthenticated API endpoints that allowed an attacker with knowledge of additional p... | ||
| CVE-2026-57475 | Deloitte AI Assist for Customer accepted unauthenticated POST requests through public-facing API endpoints that allowed a rem... | ||