
CVE Vulnerabilities - 13 March 2026


98 vulnerabilities published on 13 March 2026

XML Encryption: Unvalidated AES-GCM Tags Allow Decryption
GHSA-4v26-v6cg-g6f9 CVE-2026-32313
### Summary XML nodes encrypted with aes-128-gcm, aes-192-gcm or aes-256-gcm lack validation of the authentication tag length. An attacker can...
8.2
Magic Wormhole: Malicious File Overwrite Using 'wormhole receive'
CVE-2026-32116 GHSA-4g4c-mfqg-pj8r
### Impact Receiving a file (`wormhole receive`) from a malicious party could result in overwrit...
8.2
Deno 2.7.0-2.7.1: Command Injection Allows Malicious Command Execution
CVE-2026-32260 GHSA-4c96-w8v2-p28j
## Summary A command injection vulnerability exists in Deno's `node:child_process` polyfill (`shell: true` mode) that bypasses the fix for CVE-20...
8.1
OpenClaw: Untrusted Sites Can Access Sensitive Settings
GHSA-5wcw-8jjv-m286 CVE-2026-32302
OpenClaw is a personal AI assistant. Prior to 2026.3.11, browser-originated WebSocket connections could bypass origin validation when gateway.auth.mod...
8.1
OpenClaw: Malicious scripts can bypass security approval on some systems
GHSA-qc36-x95h-7j53
## Summary In affected versions of `openclaw`, node-host `system.run` approvals did not bind a mutable file operand for some script runners, including...
8.1
OneUptime: Stored XSS via Mermaid Diagram Rendering (securityLevel: "loose")
GHSA-wvh5-6vjm-23qh CVE-2026-32308
### Summary The Markdown viewer component renders Mermaid diagrams with `securityLevel: "loose"` and injects the SVG output via `innerHTML`. This con...
7.6
AutoMapper Can Crash Your Server with Deep Object Graphs
GHSA-rvv3-g6hj-g44x
### Summary AutoMapper is vulnerable to a Denial of Service (DoS) attack. When mapping deeply nested object graphs, the library uses recursive method...
7.5
Microsoft.Bcl.Memory Denial of Service Vulnerability in idunno.Bluesky and idunno.AtProto
GHSA-8fh9-c4jq-94h4
# idunno.Bluesky, idunno.AtProto and idunno.AtProto.OAuthCallback Denial of Service Vulnerability ## Impact The `Microsoft.Bcl.Memory` package, a tr...
7.5
Node.js WebSocket Client Can Crash from Large Compressed Data
CVE-2026-1526 GHSA-vrm6-8vpv-qv8q
## Description The undici WebSocket client is vulnerable to a denial-of-service attack via unbounded memory consumption during permessage-deflate dec...
7.5
undici WebSocket client crashes when connecting to malicious server
CVE-2026-2229 GHSA-v9p9-hfj2-hcw8
### Impact The undici WebSocket client is vulnerable to a denial-of-service attack due to improper validation of the `server_max_window_bits` paramet...
7.5
undici: Large WebSocket frame crashes the server
CVE-2026-1528 GHSA-f269-vfmq-vjvj
### Impact A server can reply with a WebSocket frame using the 64-bit length form and an extremely large length. undici's ByteParser overflows interna...
7.5
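The three undici entries above (CVE-2026-1526, CVE-2026-2229, CVE-2026-1528) share one lesson: a WebSocket client must validate every length and parameter the server sends before acting on it. The following is an added example, not undici's code, showing the two checks a client-side parser needs: the RFC 6455 frame header, where the 64-bit length form must have its most significant bit clear and should be capped well below the 2^63-1 the wire format allows, and the permessage-deflate parameters from the server's Sec-WebSocket-Extensions response, where RFC 7692 requires server_max_window_bits to be an integer from 8 to 15. The 16 MiB payload cap, the function names and the error classes are this example's own assumptions.

```python
import struct

# Assumed per-connection cap on one frame's payload; the wire format itself allows up to 2**63-1.
MAX_FRAME_PAYLOAD = 16 * 1024 * 1024


class FrameError(ValueError):
    pass


class ExtensionError(ValueError):
    pass


def parse_frame_header(buf: bytes, max_payload: int = MAX_FRAME_PAYLOAD, allow_rsv1: bool = False):
    """Parse an RFC 6455 frame header from the start of buf.

    Returns (fin, opcode, masked, payload_len, header_len). Raises FrameError rather
    than trusting a length or flag the peer can choose freely.
    """
    if len(buf) < 2:
        raise FrameError("need at least 2 bytes")
    b0, b1 = buf[0], buf[1]
    fin = bool(b0 & 0x80)
    rsv = (b0 >> 4) & 0x07                      # RSV1 is 0x4; only valid if an extension claimed it
    if rsv & ~(0x4 if allow_rsv1 else 0):
        raise FrameError(f"reserved bits set: {rsv:#x}")
    opcode = b0 & 0x0F
    masked = bool(b1 & 0x80)
    length = b1 & 0x7F
    header_len = 2
    if length == 126:
        if len(buf) < 4:
            raise FrameError("truncated 16-bit length")
        length = struct.unpack(">H", buf[2:4])[0]
        if length < 126:
            raise FrameError("16-bit form used for a length that fits in 7 bits")
        header_len = 4
    elif length == 127:
        if len(buf) < 10:
            raise FrameError("truncated 64-bit length")
        length = struct.unpack(">Q", buf[2:10])[0]
        if length >> 63:                         # RFC 6455 5.2: the most significant bit MUST be 0
            raise FrameError("64-bit length has its most significant bit set")
        if length < 0x10000:                     # minimal encoding is mandatory
            raise FrameError("64-bit form used for a length that fits in 16 bits")
        header_len = 10
    if length > max_payload:                     # the check that stops an unbounded allocation
        raise FrameError(f"payload length {length} exceeds cap {max_payload}")
    if opcode & 0x8 and (length > 125 or not fin):
        raise FrameError("control frame must be unfragmented with payload <= 125 bytes")
    if masked:
        header_len += 4
    return fin, opcode, masked, length, header_len


def frame_header_is_valid(buf: bytes) -> bool:
    try:
        parse_frame_header(buf)
    except FrameError:
        return False
    return True


def negotiated_deflate_params(sec_websocket_extensions: str):
    """Parse a server's Sec-WebSocket-Extensions response (RFC 7692 section 7).

    Returns the permessage-deflate parameters as a dict, or None if the server did not
    accept the extension. Window-bits values must be decimal integers from 8 to 15; this
    parser handles the server's response only (a client's offer may send
    client_max_window_bits without a value, which is not covered here).
    """
    for ext in sec_websocket_extensions.split(","):
        parts = [p.strip() for p in ext.split(";")]
        if parts[0] != "permessage-deflate":
            continue
        params = {}
        for param in parts[1:]:
            name, sep, value = param.partition("=")
            name, value = name.strip(), value.strip().strip('"')
            if name in params:
                raise ExtensionError(f"duplicate parameter {name}")
            if name in ("server_no_context_takeover", "client_no_context_takeover"):
                if sep:
                    raise ExtensionError(f"{name} takes no value")
                params[name] = True
            elif name in ("server_max_window_bits", "client_max_window_bits"):
                if not sep:
                    raise ExtensionError(f"{name} requires a value in a response")
                if not (value.isascii() and value.isdigit()) or value != str(int(value)) or not 8 <= int(value) <= 15:
                    raise ExtensionError(f"{name}={value!r} is not an integer in 8..15")
                params[name] = int(value)
            else:
                raise ExtensionError(f"unknown parameter {name}")
        return params
    return None


def deflate_params_are_valid(header_value: str) -> bool:
    try:
        negotiated_deflate_params(header_value)
    except ExtensionError:
        return False
    return True
```

The cap is enforced from the header alone, before any buffer is sized from the advertised length; the window-bits value is checked before it is ever handed to an inflater.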
PyJWT fails to reject unknown JWT extensions
GHSA-752w-5fwx-jx9f CVE-2026-32597
## Summary PyJWT does not validate the `crit` (Critical) Header Parameter defined in RFC 7515 §4.1.11. When a JWS token contains a `crit` array listi...
7.5
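RFC 7515 section 4.1.11 makes `crit` a contract: a token whose header lists an extension the recipient does not implement must be rejected, and a producer must not list registered header names, duplicates, names absent from the header, or an empty array. The block below is an added example written for this page, not PyJWT's code or its fix; it decodes the header of a compact JWS and applies those rules before any signature check would run. `make_token` builds a constructed, unsigned token purely to exercise the header parser, and the extension name `http://example.com/ext` is hypothetical.

```python
import base64
import json

# Header Parameter names registered by RFC 7515 (JWS) and RFC 7518 (JWA). A producer must never
# list these in "crit", and a recipient may treat a token that does as invalid.
REGISTERED_HEADERS = frozenset({
    "alg", "jku", "jwk", "kid", "x5u", "x5c", "x5t", "x5t#S256", "typ", "cty", "crit",
})


def _b64url_decode(segment: str) -> bytes:
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def _b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def check_crit(header: dict, understood: frozenset = frozenset()) -> None:
    """Enforce RFC 7515 section 4.1.11 on a decoded JOSE header.

    `understood` holds the extension header names this recipient implements.
    Raises ValueError if "crit" is malformed or names anything else.
    """
    if "crit" not in header:
        return
    crit = header["crit"]
    if not isinstance(crit, list) or not crit:
        raise ValueError('"crit" must be a non-empty array')
    seen = set()
    for name in crit:
        if not isinstance(name, str) or not name:
            raise ValueError('"crit" entries must be non-empty strings')
        if name in seen:
            raise ValueError(f'duplicate "crit" entry {name!r}')
        seen.add(name)
        if name in REGISTERED_HEADERS:
            raise ValueError(f'registered header {name!r} listed in "crit"')
        if name not in header:
            raise ValueError(f'"crit" names {name!r}, which is not present in the header')
        if name not in understood:
            raise ValueError(f"unsupported critical extension {name!r}")


def decode_header(token: str) -> dict:
    segments = token.split(".")
    if len(segments) != 3:
        raise ValueError("not a compact JWS")
    header = json.loads(_b64url_decode(segments[0]))
    if not isinstance(header, dict):
        raise ValueError("JOSE header is not a JSON object")
    return header


def is_acceptable(token: str, understood: frozenset = frozenset()) -> bool:
    """True if the header passes the crit check. Signature verification is a separate step
    that this example does not perform."""
    try:
        check_crit(decode_header(token), understood)
    except ValueError:          # json and base64 errors are ValueError subclasses too
        return False
    return True


def make_token(header: dict) -> str:
    """Constructed, UNSIGNED compact JWS used only to exercise header parsing."""
    return ".".join([
        _b64url_encode(json.dumps(header, separators=(",", ":")).encode()),
        _b64url_encode(b'{"sub":"alice"}'),
        _b64url_encode(b"not-a-real-signature"),
    ])
```

Run the crit check before signature verification, not after: an attacker who can get a token accepted with an unrecognised critical extension has already defeated the point of the parameter, whatever the signature says.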
Scrapy: Malicious Header Can Cause Process Termination
GHSA-cwxj-rr6w-m6w7
### Impact Since version 1.4.0, Scrapy respects the `Referrer-Policy` response header to decide whether and how to set a `Referer` header on follow-u...
7.5
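A response header is attacker-controlled input, and Referrer-Policy in particular may carry garbage, multiple comma-separated values or non-UTF-8 bytes. The W3C Referrer Policy parsing algorithm for the header is tolerant by design: split on commas, strip ASCII whitespace, ignore tokens that are not a known policy, and let the last recognised token win, with the empty string meaning "no policy, use the default". The function below is an added example of that algorithm written for this page; it is not Scrapy's implementation. Header bytes are decoded as Latin-1 so that no byte sequence can raise during parsing.

```python
# The eight policy values defined by the Referrer Policy specification.
VALID_POLICIES = frozenset({
    "no-referrer", "no-referrer-when-downgrade", "same-origin", "origin",
    "strict-origin", "origin-when-cross-origin", "strict-origin-when-cross-origin", "unsafe-url",
})

# ASCII whitespace per the spec: tab, LF, FF, CR, space.
_ASCII_WS = " \t\n\r\f"


def parse_referrer_policy_header(value) -> str:
    """Parse a Referrer-Policy header value; returns a policy name or "" for no policy.

    Accepts str, bytes or None. Unknown tokens are ignored rather than rejected, and
    the last recognised token wins, so a list such as "bogus, origin, also-bogus"
    yields "origin".
    """
    if value is None:
        return ""
    if isinstance(value, bytes):
        value = value.decode("latin-1")      # every byte decodes; nothing here can raise
    policy = ""
    for token in value.split(","):
        token = token.strip(_ASCII_WS)
        if token in VALID_POLICIES:
            policy = token
    return policy


def effective_policy(header_value, default: str = "no-referrer-when-downgrade") -> str:
    """Policy the crawler should apply: the parsed header, or the default when it names none."""
    return parse_referrer_policy_header(header_value) or default
```

Whatever the policy engine does next, the parser should never be the component that can be made to throw; an unrecognised value is a reason to fall back, not to abort.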
CairoSVG Can Be Overwhelmed by Malicious SVG Files
GHSA-f38f-5xpm-9r7c CVE-2026-31899
## Summary Kozea/CairoSVG has exponential denial of service via recursive `<use>` element amplification in `cairosvg/defs.py` (line ~335). This cause...
7.5
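Recursive `<use>` amplification is the SVG form of the "billion laughs" attack: a small file where each group references the previous one several times expands to an exponential number of rendered nodes. A renderer that expands first and counts later has already lost; the guard has to cost the document before rendering. The block below is an added example for this page, not CairoSVG's code or its fix. It walks the tree once, memoises the cost of every referenced `id` so shared subtrees are priced rather than materialised, and raises as soon as the expanded node count passes a budget, on a `<use>` cycle, or on nesting deeper than a limit. `amplification_svg` builds a constructed malicious sample; the budget of 100,000 nodes and the depth limit of 32 are this example's assumptions.

```python
import xml.etree.ElementTree as ET

SVG_NS = "{http://www.w3.org/2000/svg}"
XLINK_HREF = "{http://www.w3.org/1999/xlink}href"


class SvgTooLarge(ValueError):
    pass


def _use_target_id(el):
    # SVG 2 allows a plain href attribute; SVG 1.1 uses xlink:href. Only local "#id" refs matter here.
    ref = el.get("href") or el.get(XLINK_HREF)
    return ref[1:] if ref and ref.startswith("#") and len(ref) > 1 else None


def expanded_node_count(svg_text: str, budget: int = 100_000, max_depth: int = 32) -> int:
    """Count the nodes a renderer would instantiate once every <use> is expanded.

    Each referenced element is costed once and the result reused, so a 10x10x10...
    fan-out is priced in linear time without being built. <defs> content is counted
    once as well, a deliberate over-estimate. Raises SvgTooLarge when the count
    exceeds budget, on a <use> cycle, or when <use> nesting exceeds max_depth.
    """
    root = ET.fromstring(svg_text)
    by_id = {el.get("id"): el for el in root.iter() if el.get("id") is not None}
    memo = {}
    expanding = set()            # ids whose cost is currently being computed (cycle detection)

    def cost(el, depth):
        if depth > max_depth:
            raise SvgTooLarge(f"<use> nesting deeper than {max_depth}")
        total = 1
        if el.tag == SVG_NS + "use":
            ref = _use_target_id(el)
            target = by_id.get(ref) if ref is not None else None
            if target is not None:
                if ref in expanding:
                    raise SvgTooLarge(f"<use> cycle through #{ref}")
                if ref not in memo:
                    expanding.add(ref)
                    memo[ref] = cost(target, depth + 1)
                    expanding.discard(ref)
                total += memo[ref]
        for child in el:
            total += cost(child, depth)
        if total > budget:       # fail early: no need to finish walking a document that is already too big
            raise SvgTooLarge(f"expanded SVG exceeds {budget} nodes")
        return total

    return cost(root, 0)


def is_safe_svg(svg_text: str, budget: int = 100_000) -> bool:
    try:
        expanded_node_count(svg_text, budget)
    except (SvgTooLarge, ET.ParseError):
        return False
    return True


def amplification_svg(levels: int, fanout: int) -> str:
    """Constructed sample: g0 holds one circle; each g(i) holds `fanout` <use> references to g(i-1),
    and the document body references g(levels). Expanded size grows as fanout**levels."""
    parts = [
        '<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><defs>',
        '<g id="g0"><circle r="1"/></g>',
    ]
    for i in range(1, levels + 1):
        parts.append(f'<g id="g{i}">' + f'<use xlink:href="#g{i - 1}"/>' * fanout + "</g>")
    parts.append(f'</defs><use xlink:href="#g{levels}"/></svg>')
    return "".join(parts)
```

For `amplification_svg(6, 10)` the file is under a kilobyte but would expand past a million nodes; the costing rejects it after visiting a few dozen elements. The same memoised walk also catches a `<g>` that `<use>`s itself, which a naive recursive expander would follow forever.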
SM9 Decryption Allows Attackers to Forge Ciphertext
GHSA-5xxp-2vrj-x855 CVE-2026-32614
## Overview The current SM9 decryption implementation contains an infinity-point ciphertext forgery vulnerability. The root cause is that, during dec...
9.2
OpenClaw allows unauthorized files to be written outside intended area
GHSA-mj4p-rc52-m843
## Summary In affected versions of `openclaw`, sandbox fs-bridge writes validated the destination before commit, but temporary file creation and popul...
7.5
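Two entries on this page describe the same class of bug from different sides: the Magic Wormhole advisory above (CVE-2026-32116), where a received file can overwrite an existing one, and the OpenClaw fs-bridge advisory, where the destination was validated but the temporary file used to stage the write was not confined the same way. The block below is an added example written for this page, not code from either project. It accepts a sender-supplied name only as a single path component, stages the data in a temporary file created inside the destination directory itself, and commits with `os.link()`, which fails atomically if any file or symlink already exists at the target, so there is no window between "checked" and "written". The function names and `run_demo` are this example's own.

```python
import os
import shutil
import tempfile


class UnsafeDestination(ValueError):
    pass


def safe_receive(dest_dir: str, name: str, data: bytes) -> str:
    """Store data as dest_dir/name without overwriting anything or leaving dest_dir.

    Returns the committed path. Raises UnsafeDestination for a name that is not a
    plain single component, FileExistsError if the target already exists.
    """
    if (name in ("", ".", "..") or "/" in name or "\\" in name or "\x00" in name
            or os.path.basename(name) != name):
        raise UnsafeDestination(f"refusing sender-supplied name {name!r}")
    root = os.path.realpath(dest_dir)
    target = os.path.join(root, name)
    # Stage inside root: the temporary file is subject to the same confinement as the final file.
    fd, tmp = tempfile.mkstemp(dir=root, prefix=".incoming-")
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(data)
            f.flush()
            os.fsync(f.fileno())
        try:
            os.link(tmp, target)   # atomic commit; EEXIST if a file or symlink is already there
        except FileExistsError:
            raise FileExistsError(f"refusing to overwrite {target}") from None
    finally:
        os.unlink(tmp)             # the staged copy is removed whether or not the commit succeeded
    return target


def run_demo() -> dict:
    """Exercise the three outcomes on a constructed temporary directory."""
    root = tempfile.mkdtemp()
    try:
        first = safe_receive(root, "report.txt", b"original")
        try:
            safe_receive(root, "report.txt", b"replaced")
            overwritten = True
        except FileExistsError:
            overwritten = False
        with open(first, "rb") as f:
            content = f.read()
        try:
            safe_receive(root, "../escape.txt", b"x")
            escaped = True
        except UnsafeDestination:
            escaped = False
        staging_leftovers = sorted(n for n in os.listdir(root) if n.startswith(".incoming-"))
    finally:
        shutil.rmtree(root)
    return {"content": content, "overwritten": overwritten, "escaped": escaped,
            "staging_leftovers": staging_leftovers}
```

Doing the existence check inside the same syscall that creates the final name is what removes the race; a `os.path.exists()` test followed by a separate write would reintroduce it.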
flatted: Crafted Data Can Crash the Server
CVE-2026-32141 GHSA-25h7-pfq9-p65f
## Summary flatted's `parse()` function uses a recursive `revive()` phase to resolve circular references in deserialized JSON. When given a crafted p...
7.5
Dagu: Unauthenticated Access to Real-Time Data in Basic Auth Mode
GHSA-9wmw-9wph-2vwp CVE-2026-31882
# SSE Authentication Bypass in Basic Auth Mode ## Summary When Dagu is configured with HTTP Basic authentication (`DAGU_AUTH_MODE=basic`), all Serve...
7.5
Argo Workflows Exposes Sensitive Template Content
GHSA-56px-hm34-xqj5 CVE-2026-28229 BIT-argo-workflows-2026-28229
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to 4.0.2 and 3.7.11, Workflow t...
7.5
OpenClaw: Unauthentic Code Execution via Node-Host Approval
GHSA-xf99-j42q-5w5p
## Summary In affected versions of `openclaw`, node-host `system.run` approvals could still execute rewritten local code for interpreter and runtime c...
7.3
github.com/ctfer-io/monitoring Vulnerable to Improper Access Control
GHSA-7x23-j8gv-v54x CVE-2026-32720
### Impact Due to a mis-written NetworkPolicy, a malicious actor can pivot from a component to any other namespace. This breaks the security-by-defau...
7.1
OpenClaw: Unauthorized Admin Changes to Browser Profiles
GHSA-vmhq-cqm9-6p7q
### Summary An authorization mismatch in the gateway let an authenticated caller with only `operator.write` use `browser.request` to reach browser pr...
7.1
OpenClaw: Misleading Approval Text in Node-Host Executions
GHSA-rw39-5899-8mxp
## Summary In affected versions of `openclaw`, node-host `system.run` approvals could display only an extracted shell payload such as `jq --version` w...
7.1
Fickling's Platform Module Can Execute Malicious Code
GHSA-5cxw-w2xg-2m8h
# Our assessment We added `platform` to the blocklist of unsafe modules (https://github.com/trailofbits/fickling/commit/351ed4d4242b447c0ffd550bb66b4...
6.9
Fickling Software Allows Malicious File Access Through Pickle Data
GHSA-r48f-3986-4f9c
# Our analysis As stated in the [project's security policy](https://github.com/trailofbits/fickling/security/policy), we also don't consider `UnusedV...
6.9
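Both Fickling entries above turn on the same fact: a pickle is a program, and any importable callable it names runs at load time, so a blocklist of unsafe modules can only ever be as complete as its last update. The block below is an added example written for this page, not Fickling's code; it shows the opposite approach recommended in the Python documentation, an `Unpickler` whose `find_class` allows only an explicit set of globals, and demonstrates it against a constructed payload that invokes `platform.system()` on load (a harmless callable standing in for any other). The allowlist contents and the `demo` function are this example's assumptions.

```python
import builtins
import io
import pickle
import platform

# Globals a pickle may reference. Everything else, including anything under platform.*, is refused.
SAFE_BUILTINS = frozenset({"range", "complex", "set", "frozenset", "slice"})


class RestrictedUnpickler(pickle.Unpickler):
    def find_class(self, module, name):
        # Called for every GLOBAL / STACK_GLOBAL opcode; this is the only gate into the import system.
        if module == "builtins" and name in SAFE_BUILTINS:
            return getattr(builtins, name)
        raise pickle.UnpicklingError(f"global {module}.{name} is not allowed")


def restricted_loads(data: bytes):
    return RestrictedUnpickler(io.BytesIO(data)).load()


class _CallOnLoad:
    """Constructed payload: unpickling it calls platform.system() with no arguments.
    The mechanism is identical for any importable callable; a harmless one is used here."""
    def __reduce__(self):
        return (platform.system, ())


def build_demo_pickle() -> bytes:
    return pickle.dumps(_CallOnLoad())


def demo() -> dict:
    payload = build_demo_pickle()
    result = {}
    # Stock pickle.loads runs the callable: the return value is whatever platform.system() gave.
    result["unrestricted_ran_callable"] = pickle.loads(payload) == platform.system()
    try:
        restricted_loads(payload)
        result["restricted_rejected"] = False
    except pickle.UnpicklingError:
        result["restricted_rejected"] = True
    # Plain data, including a range (which pickles as a reference to builtins.range), still loads.
    benign = {"ids": [1, 2, 3], "tags": {"a", "b"}, "r": range(3)}
    result["benign_roundtrip"] = restricted_loads(pickle.dumps(benign)) == benign
    return result
```

An allowlist still has to be maintained, but a missing entry fails closed (a legitimate object refuses to load) rather than open, which is the property a module blocklist cannot give.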