CVEs classified under CWE-184, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2026-28363 — CVSS 9.9 (critical): In OpenClaw before 2026.2.23, tools.exec.safeBins validation for sort could be bypassed via GNU long-option abbreviations (such as…
CVE-2026-56315 — CVSS 9.8 (critical): picklescan before 1.0.4 fails to block at least seven Python standard library modules (including uuid, _osx_support, _aix_support…
CVE-2026-53873 — CVSS 9.8 (critical): picklescan before 1.0.4 contains an incomplete blocklist for the profile module that fails to block the module-level profile.run()…
CVE-2025-71323 — CVSS 9.8 (critical): picklescan before 0.0.33 fails to block the ctypes module, allowing attackers to achieve remote code execution by invoking direct syscalls…
CVE-2025-71320 — CVSS 9.8 (critical): picklescan before 0.0.33 contains an incomplete deny-list that fails to block pydoc.locate and operator.methodcaller functions, allowing…
CVE-2026-41264 — CVSS 9.8 (critical): Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the specific flaw exists within…
CVE-2026-34415 — CVSS 9.8 (critical): Xerte Online Toolkits versions 3.15 and earlier contain an incomplete input validation vulnerability in the elFinder connector endpoint…
CVE-2025-1716 — CVSS 9.8 (critical): picklescan before 0.0.21 does not treat 'pip' as an unsafe global. An attacker could craft a malicious model that uses Pickle to pull in a…
CVE-2023-3374 — CVSS 9.8 (critical): Incomplete List of Disallowed Inputs vulnerability in Unisign Bookreen allows Privilege Escalation. This issue affects Bookreen: before…
CVE-2019-9212 — CVSS 9.8 (critical): SOFA-Hessian through 4.0.2 allows remote attackers to execute arbitrary commands via a crafted serialized Hessian object because…
CVE-2018-7489 — CVSS 9.8 (critical): FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution…
CVE-2017-7525 — CVSS 9.8 (critical): A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an…
CVE-2017-0909 — CVSS 9.8 (critical): The private_address_check ruby gem before 0.4.1 is vulnerable to a bypass due to an incomplete blacklist of common private/local network…
CVE-2017-7540 — CVSS 9.8 (critical): rubygem-safemode, as used in Foreman, versions 1.3.2 and earlier are vulnerable to bypassing safe mode limitations via special Ruby syntax…
CVE-2026-43578 — CVSS 9.1 (critical): OpenClaw versions 2026.3.31 before 2026.4.10 contain a privilege escalation vulnerability where heartbeat owner downgrade detection misses…
CVE-2026-43566 — CVSS 9.1 (critical): OpenClaw versions 2026.4.7 before 2026.4.14 contain a privilege escalation vulnerability where heartbeat owner downgrade logic skips…
CVE-2026-34177 — CVSS 9.1 (critical): Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in isVMLowLevelOptionForbidden (lxd/project/limits/permissions.go)…
CVE-2026-14534 — CVSS 8.8 (high): Trail of Bits fickling versions up to and including 0.1.10 do not include the Python standard library modules _posixsubprocess, site, and…
CVE-2026-53836 — CVSS 8.8 (high): OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in PowerShell encoded-command handling that allows attackers to…
CVE-2026-48557 — CVSS 8.8 (high): Spatie Laravel Media Library before version 11.23.0 contains a file upload restriction bypass in FileAdder::defaultSanitizer(). The…
CVE-2026-45006 — CVSS 8.8 (high): OpenClaw before 2026.4.23 contains an improper access control vulnerability in the gateway tool's config.apply and config.patch operations…
CVE-2026-44115 — CVSS 8.8 (high): OpenClaw before 2026.4.22 contains an exec allowlist analysis vulnerability allowing shell expansion hiding in unquoted heredoc bodies…
CVE-2026-43584 — CVSS 8.8 (high): OpenClaw before 2026.4.10 contains an insufficient environment variable denylist vulnerability in its exec environment policy that allows…
CVE-2026-41934 — CVSS 8.8 (high): Vvveb before version 1.0.8.2 contains an authenticated remote code execution vulnerability in the admin code editor that allows…
CVE-2026-42435 — CVSS 8.8 (high): OpenClaw versions from 2026.2.22 before 2026.4.12 contain an insufficient shell-wrapper detection vulnerability allowing attackers to…
CVE-2026-34430 — CVSS 8.8 (high): ByteDance DeerFlow versions prior to commit 92c7a20 contain a sandbox escape vulnerability in bash tool handling that allows attackers to…
CVE-2022-43396 — CVSS 8.8 (high): In the fix for CVE-2022-24697, a blacklist is used to filter user input commands. But there is a risk of being bypassed. The user can…
CVE-2021-25631 — CVSS 8.8 (high): In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be…
CVE-2018-6383 — CVSS 8.8 (high): Monstra CMS through 3.0.4 has an incomplete "forbidden types" list that excludes .php (and similar) file extensions but not the .pht or…
CVE-2026-47389 — CVSS 8.6 (high): Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.10, 4.4.17, and 4.3.23, when using Ruby versions…
CVE-2024-54149 — CVSS 8.4 (high): Winter is a free, open-source content management system (CMS) based on the Laravel PHP framework. Winter CMS prior to versions 1.2.7…
CVE-2026-42590 — CVSS 8.2 (high): Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.30.0, The ExifTool metadata write blocklist in Gotenberg can be…
CVE-2026-43929 — CVSS 8.2 (high): ssrfcheck is a library that checks if a string contains a potential SSRF attack. In 1.3.0 and earlier, ssrfcheck fails to block Server-Side…
CVE-2020-3384 — CVSS 8.2 (high): A vulnerability in specific REST API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to…
CVE-2026-54513 — CVSS 8.1 (high): jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.10.0 until…
CVE-2026-54512 — CVSS 8.1 (high): jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.10.0 until…
CVE-2026-53864 — CVSS 8.1 (high): OpenClaw before 2026.5.26 contains an insufficient sanitization vulnerability in the host environment sanitizer that allows Node.js control…
CVE-2026-53855 — CVSS 8.1 (high): OpenClaw before 2026.4.2 contains an inline-eval bypass vulnerability allowing authenticated operators to weaken strict allowlist checks…
CVE-2018-5968 — CVSS 8.1 (high): FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix…
CVE-2026-44114 — CVSS 7.8 (high): OpenClaw before 2026.4.20 fails to properly reserve the OPENCLAW_ runtime-control environment namespace in workspace dotenv files, allowing…
CVE-2026-41206 — CVSS 7.8 (high): PySpector is a static analysis security testing (SAST) Framework engineered for modern Python development workflows. The plugin security…
CVE-2026-33139 — CVSS 7.8 (high): PySpector is a static analysis security testing (SAST) Framework engineered for modern Python development workflows. PySpector versions…
CVE-2026-22609 — CVSS 7.8 (high): Fickling is a Python pickling decompiler and static analyzer. Prior to version 0.1.7, the unsafe_imports() method in Fickling's static…
CVE-2026-22608 — CVSS 7.8 (high): Fickling is a Python pickling decompiler and static analyzer. Prior to version 0.1.7, both ctypes and pydoc modules aren't explicitly…
CVE-2026-22607 — CVSS 7.8 (high): Fickling is a Python pickling decompiler and static analyzer. Fickling versions up to and including 0.1.6 do not treat Python's cProfile…
CVE-2026-22606 — CVSS 7.8 (high): Fickling is a Python pickling decompiler and static analyzer. Fickling versions up to and including 0.1.6 do not treat Python’s runpy…
CVE-2025-67747 — CVSS 7.8 (high): Fickling is a Python pickling decompiler and static analyzer. Versions prior to 0.1.6 are missing `marshal` and `types` from the block list…
CVE-2025-29822 — CVSS 7.8 (high): Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally.
CVE-2015-5946 — CVSS 7.8 (high): Incomplete blacklist vulnerability in SuiteCRM 7.2.2 allows remote authenticated users to execute arbitrary code by uploading a file with…