CVSS Score: 9.8 Published: 2026-03-26 Full Report: https://cvereports.com/reports/GHSA-C7W3-X93F-QMM8

Nodemailer, a widely utilized Node.js package for email transmission, contains a critical input validation vulnerability. The software fails to sanitize the envelope.size parameter, permitting attackers to inject arbitrary SMTP commands via CRLF sequences. This flaw facilitates unauthorized email distribution, bypassing of application-level recipient controls, and internal SMTP reconnaissance.

CVSS Score: 7.5 Published: 2026-03-26 Full Report: https://cvereports.com/reports/GHSA-WCJX-V2WJ-XG87

The c2cciutils package relies on the pyasn1 library for processing Abstract Syntax Notation One (ASN.1) data structures. Prior to version 0.6.3, the pyasn1 library contained a critical uncontrolled recursion flaw in its Basic Encoding Rules (BER) decoder, allowing remote attackers to cause a Denial of Service (DoS) via crafted, deeply nested payloads.

CVSS Score: 7.5 Published: 2026-03-26 Full Report: https://cvereports.com/reports/GHSA-9Q82-XGWF-VJ6H

Apollo Server contains a vulnerability that allows for the bypass of its built-in XS-Search and read-only Cross-Site Request Forgery (CSRF) prevention mechanisms. This bypass is triggered by a non-spec-compliant browser behavior related to CORS preflight requests.

CVSS Score: 7.5 Published: 2026-03-26 Full Report: https://cvereports.com/reports/GHSA-PW7H-9G6P-C378

The OpenClaw Tlon provider extension contains two logic flaws leading to authorization bypass and uncontrolled resource consumption. A falsy evaluation of array lengths prevents the application of empty allowlists, while improper operation ordering allows unauthenticated users to trigger expensive citation processing.

CVSS Score: 7.5 Published: 2026-03-26 Full Report: https://cvereports.com/reports/GHSA-RM59-992W-X2MV

OpenClaw versions prior to 2026.3.23 suffer from an unauthenticated resource exhaustion vulnerability in the voice call webhook component. An architectural flaw allowed untrusted, unauthenticated HTTP connections to consume excessive memory and connection pool resources, leading to a complete Denial of Service (DoS) condition.

CVSS Score: 9.8 Published: 2026-03-26 Full Report: https://cvereports.com/reports/GHSA-48VW-M3QC-WR99

The OpenClaw gateway contains a privilege escalation vulnerability in its WebSocket connection logic when configured for trusted-proxy authentication. Client sessions claiming to be the Control UI over a trusted proxy connection retain self-declared administrative scopes without requiring a bound cryptographic device identity. This flaw permits an attacker capable of routing requests through the proxy to attain full administrative access to the gateway.

CVSS Score: 9.8 Published: 2026-03-26 Full Report: https://cvereports.com/reports/GHSA-39PP-XP36-Q6MG

OpenClaw versions prior to 2026.3.22 are vulnerable to Remote Code Execution (RCE) due to inconsistent sanitization of environment variable overrides between the Gateway and Node components. This architectural flaw allows attackers to inject shell-sensitive variables, resulting in arbitrary command execution on the host system.

CVSS Score: High Published: 2026-03-26 Full Report: https://cvereports.com/reports/GHSA-WQ58-2PVG-5H4F

The OpenClaw gateway contains an improper authorization vulnerability in the Agent RPC handler. Users with basic operator.write permissions can bypass scope restrictions to execute administrative session resets via in-band text commands, leading to targeted service disruption and state manipulation.

CVSS Score: 8.1 Published: 2026-03-26 Full Report: https://cvereports.com/reports/GHSA-2PV8-4C52-MF8J

A critical vulnerability chain in the Vikunja task management platform allows unauthenticated or minimally authenticated attackers to perform an instance-wide data breach. By combining a link-share hash disclosure (CVE-2026-33680) with a task attachment IDOR (CVE-2026-33678), attackers can read or delete any file attachment on the system.

CVSS Score: 9.8 Published: 2026-03-13 Full Report: https://cvereports.com/reports/CVE-2026-32746

A 32-year-old pre-authentication buffer overflow vulnerability exists in the GNU Inetutils telnetd daemon. The flaw resides in the LINEMODE SLC suboption handler, allowing remote attackers to achieve arbitrary code execution as the root user by overflowing a fixed-size BSS buffer during the initial Telnet handshake.