Summary
OpenClaw: Discord allowFrom could bind to mutable display names
References
Related vulnerabilities
- HIGH GHSA-8C59-HR4W-QG69
OpenClaw: Zalo allowFrom could bind to mutable display names
- CRITICAL GHSA-GFJ5-979R-92PW
@acastellon/auth: Authentication bypass via spoofable headers in validateToken()
- HIGH GHSA-38X9-25WX-7FG2
Heimdall: IP Spoofing via Unvalidated Forwarding Headers
- CRITICAL GHSA-4XPC-PV4P-PM3W
LiteLLM: Authentication Bypass via Host Header Injection
- HIGH GHSA-F59H-Q822-G45G
Caddy: FastCGI header normalization bypass in `forward_auth copy_headers`
- MEDIUM GHSA-JVC7-762P-3743
n8n: Missing Token Validation on Microsoft Agent 365 Trigger and Stripe Nodes