CVE Vulnerabilities - 3 April 2026
122 vulnerabilities published on 3 April 2026
Azure Databricks: Unauthenticated Network Access from Application
CVE-2026-33107
An attacker can use Azure Databricks to access and control systems on your network without permission. This could allow them to steal data, disrupt operations, or install malware. To protect your comp...
10.0
Microsoft Azure Kubernetes Service Unauthorized Privilege Escalation
CVE-2026-33105
An attacker can access and control Azure Kubernetes Service resources without permission, potentially leading to unauthorized changes or data breaches. This affects organizations that use Azure Kubern...
10.0
Azure AI Foundry Privilege Elevation via Unauthorized Access
CVE-2026-32213
An unauthorized user can gain elevated privileges on a network by exploiting a weakness in Azure AI Foundry's authorization process. This means they could potentially access or tamper with sensitive d...
10.0
goshs: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshs POST multipart upload
GHSA-jg56-wf8x-qrv5
CVE-2026-35393
### Summary
* POST multipart upload directory not sanitized | `httpserver/updown.go:71-174`
This finding affects the default configuration; no flags or authentication are required.
### Details
**File:**...
9.8
goshs: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshs PUT Upload
GHSA-g8mv-vp7j-qp64
CVE-2026-35392
### Summary
* PUT upload has no path sanitization | `httpserver/updown.go:20-69`
This finding affects the default configuration, no flags or authentication required.
### Details
**File:** `httpserv...
9.8
Kedro: Untrusted Logging Config Can Run Malicious Code
GHSA-9cqf-439c-j96r
CVE-2026-35171
An attacker can exploit a configuration file vulnerability in Kedro to run malicious code during application startup. This can happen if an attacker controls the KEDRO_LOGGING_CONFIG environment varia...
9.8
Azure Custom Locations RP Allows Privilege Elevation Over Network
CVE-2026-26135
An attacker with permission to manage Azure Custom Locations can use this issue to gain control over network resources. This could allow them to access sensitive data or disrupt services. Users should...
9.6
User Profile Name Updates Can Take Over Accounts on CI4MS
GHSA-vr2g-rhm5-q4jr
CVE-2026-34989
An attacker can inject malicious code into their user profile name, which is then stored and executed when others view the profile, potentially allowing them to take over accounts. This can happen whe...
9.4
OpenClaw: Untrusted Node Access Leads to Gateway Takeover
GHSA-gjm7-hw8f-73rq
A security issue in OpenClaw allows an attacker with a paired node to gain full access to the gateway, potentially allowing them to take control of the system. This is a serious risk because it requir...
9.4
OpenClaw: Attackers Can Escape From the Safe Sandbox
GHSA-9p3r-hh9g-5cmg
A security issue in OpenClaw allows attackers to escape from a safe area of the system and access sensitive information. This affects users who are running version 2026.3.28 or earlier of the OpenClaw...
9.4
OpenClaw: Files Accessed Outside of Safe Area
GHSA-cwf8-44x6-32c2
OpenClaw software allows attackers to access files outside a safe area, potentially leading to unauthorized data access or modification. This issue affects versions of OpenClaw installed through npm b...
9.4
Using Custom Cache Keys in Fast-JWT Can Mix Up User Identities
GHSA-rp9m-7r4c-75qg
CVE-2026-35039
If you use custom cache keys in Fast-JWT, it can lead to user identity mix-ups, allowing one user to access another's account or gain extra privileges. To fix this, ensure your custom cache key builde...
9.1
Better Auth Allows Access Without Second Factor Under Certain Configurations
GHSA-xg6x-h9c9-2m83
A configuration issue in Better Auth allows users with valid login credentials to bypass the second authentication factor and access protected areas of an application. This can happen when two-factor ...
9.1
Azure MCP Server Exposes Critical Data to Unauthorized Access
CVE-2026-32211
A mistake in Azure MCP Server's authentication process makes it possible for unauthorized users to access sensitive information over the network. This means that an attacker could potentially see conf...
9.1
OpenClaw: Workspace Environment Variables Can Override Plugin Trust
GHSA-qcj9-wwgw-6gm8
If an attacker controls the workspace environment variables, they can potentially bypass security settings in OpenClaw. This is a high-risk issue, but it requires an attacker to have control over the ...
8.9
OpenSTAManager: Unauthenticated SQL Injection via Aggiornamenti Module
CVE-2026-35168
GHSA-2fr7-cc4f-wh98
An attacker with access to the Updates module can execute arbitrary SQL commands, potentially damaging the database. This affects OpenSTAManager versions prior to 2.10.2. Upgrade to version 2.10.2 or ...
8.8
OpenClaw: Untrusted Node Access Can Lead to Gateway Takeover
GHSA-gjm7-hw8f-73rq
An attacker can take control of a gateway computer if they have access to a paired node that is not properly secured. This is a serious issue because it allows an attacker to execute arbitrary code on...
8.7
OpenClaw: Unrestricted File Sync and Symlink Traversal Risks Malicious File Access
GHSA-cwf8-44x6-32c2
OpenClaw versions up to 2026.3.28 have a security flaw that allows a hacker to access and manipulate files on the system. This is due to unrestricted file syncing and the ability to create symlinks, w...
8.7
Apple Swift Cryptography Library Crashes or Discloses Memory
CVE-2026-28815
GHSA-9m44-rr2w-ppp7
A critical issue in Apple's Swift cryptography library allows an attacker to potentially crash the application or access sensitive information. This issue is fixed in version 4.3.1. Update to the late...
8.6
Better Auth Two-Factor Bypass via Session Caching
GHSA-xg6x-h9c9-2m83
An attacker can bypass two-factor authentication in Better Auth by exploiting a session caching issue. This allows them to access protected areas of the application without completing the second verif...
8.6
OpenClaw: Unbound Setup Codes Allow Unauthorized Access
GHSA-gg9v-mgcp-v6m7
A security issue in OpenClaw allows hackers to gain more access than they should during the initial setup process. This can happen when pairing devices. To fix this, update OpenClaw to version 2026.3....
8.6
OpenClaw: Unbound Bootstrapping Allows Unauthorized Access
GHSA-gg9v-mgcp-v6m7
The OpenClaw software has a security weakness that could allow an attacker to gain more access than they should during the initial setup process. This is a serious issue, as it could potentially lead ...
8.6
OpenClaw Node Browser Proxy Allows Unintended Access
GHSA-h5hg-h7rr-gpf3
Some versions of OpenClaw's Node browser proxy allow unauthorized access to profiles. This can happen when a malicious user exploits a weakness in the way profiles are handled. To fix this, update Ope...
8.6
OpenClaw: Malware Can Escape Sandbox with Recent Versions
GHSA-9p3r-hh9g-5cmg
OpenClaw, a software tool, has a security weakness that could allow a hacker to escape the security sandbox and take control of your system. This affects versions of OpenClaw released before March 31,...
8.6
OpenClaw: Incomplete scope-clearing fix allows operator.admin escalation via trusted-proxy auth mode
GHSA-g374-mggx-p6xc
## Summary
Incomplete scope-clearing fix allows operator.admin escalation via trusted-proxy auth mode
## Current Maintainer Triage
- Normalized severity: high
- Assessment: v2026.3.28 still misses tr...
8.6