CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.10)
OpenClaw before version 2026.5.18 accepts WebSocket client-declared operator scopes before binding to server-approved pairing or trusted-proxy authorization. Unpaired or restricted trusted-proxy Control UI clients can obtain cached operator.admin authority on live WebSocket connections.
ApostropheCMS versions up to 1.4.2 of the `@apostrophecms/seo` package injects Google Analytics and Google Tag Manager IDs without proper sanitization. Users with editor-level access can set these fields to malicious values, leading to stored XSS attacks.
Nezha Monitoring is a tool for monitoring servers and websites. In versions from 1.0.0 to before 2.0.14, a malicious cross-site GET request can trigger stored cron commands on a victim's agents. This issue has been patched in version 2.0.14.
Nezha Monitoring is a tool for monitoring servers and websites. In versions from 0.20.0 to before 2.0.12, authenticated agents can forge service-monitor results for other users' services. This issue has been patched in version 2.0.12.
Nezha Monitoring versions from 1.4.0 to before 2.0.8 allow RoleMember to trigger other users' cron tasks without ownership checks. This issue has been patched in version 2.0.8.
Nezha Monitoring is a tool for monitoring servers and websites, which in versions from 1.4.0 to before 2.0.8 allows users with the RoleMember role to make unauthorized HTTP requests. As a result, users can send requests to URLs they control and receive responses, creating a risk of data exposure.
Software running as a non-privileged user may conduct GPU system calls, allowing writes to arbitrary freed physical pages. This can lead to unauthorized access to memory.
Software running as a non-privileged user may conduct intentional GPU sparse memory API calls, leading to out of bounds write in the kernel. The product incorrectly indexes internal state when performing sparse allocation remapping.
CVE-2025-7017 is a heap buffer out-of-bounds read vulnerability in the Avira Antivirus engine when scanning a malformed Windows MSI file. This may allow Local Execution of Code or Denial-of-Service of the antivirus engine process.
A heap out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed zip file containing XML may allow Local Execution of Code or Denial-of-Service of the antivirus process.
CVE-2025-7009 describes a heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Windows PE file, which may allow Local Execution of Code or Denial-of-Service of the antivirus process.
CVE-2025-7008 describes a heap buffer out-of-bounds read vulnerability in Avast Antivirus when scanning a malformed Windows PE file with .NET metadata, which may allow Local Execution of Code or Denial-of-Service of the antivirus process.
Avast Antivirus has a heap buffer out-of-bounds write vulnerability when scanning a malformed Windows PE file, which may allow Local Execution of Code or Denial-of-Service of the antivirus process.
A heap buffer out-of-bounds read vulnerability exists in the Avira Antivirus engine when scanning a malformed PDF file. This may allow Local Execution of Code or Denial-of-Service of the antivirus engine process.
CVE-2025-7002 describes a heap buffer out-of-bounds read vulnerability in the Avira Antivirus engine that may occur when scanning a malformed PDF file. This may allow local code execution or denial-of-service of the antivirus engine process.
Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.3, kitty's OSC 21 (color-control) query reply reflects attacker-controlled bytes, including newlines, into the shell's input without sanitization.
In versions 0.47.0 and 0.47.1 of the Kitty terminal, the `kitten dnd` feature can allow a malicious remote drag-and-drop source to overwrite or truncate arbitrary files writable by the local kitty user. The issue arises from the lack of de-duplication of filenames on case-sensitive filesystems.
IBM Qiskit SDK versions 0.43.0 through 2.5.0 could allow an attacker to trigger a segmentation fault leading to a denial of service due to uncontrolled recursion in the parser.
ApostropheCMS is a Node.js content management system that in versions up to 4.29.0 has a vulnerability in the password reset process. This vulnerability allows an attacker to send a crafted reset request that results in a reset link being sent to the attacker's domain.
ApostropheCMS is an open-source Node.js content management system. Versions up to and including 4.29.0 contain an authenticated server-side request forgery (SSRF) in the rich-text widget import flow, allowing an attacker to force the server to fetch attacker-controlled URLs.

