CVEs classified under CWE-408, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2026-41405 — CVSS 7.5 (high): OpenClaw before 2026.3.31 parses MS Teams webhook request bodies before performing JWT validation, allowing unauthenticated attackers to…
CVE-2022-2576 — CVSS 7.5 (high): In Eclipse Californium version 2.0.0 to 2.7.2 and 3.0.0-3.5.0 a DTLS resumption handshake falls back to a DTLS full handshake on a…
CVE-2020-1657 — CVSS 7.5 (high): On SRX Series devices, a vulnerability in the key-management-daemon (kmd) daemon of Juniper Networks Junos OS allows an attacker to spoof…
CVE-2026-3592 — CVSS 5.3 (medium): BIND resolvers are vulnerable to an amplified resource consumption/exhaustion attack. If a victim resolver makes a query to a specially…
CVE-2026-41374 — CVSS 5.3 (medium): OpenClaw before 2026.3.31 performs Discord audio preflight transcription before validating member authorization, allowing unauthenticated…
CVE-2026-41331 — CVSS 5.3 (medium): OpenClaw before 2026.3.31 contains a resource consumption vulnerability in Telegram audio preflight transcription that allows unauthorized…