Summary
stigmem-node: decay sweep expires and counts facts across all tenants (cross-tenant BOLA)
References
Related vulnerabilities
- MEDIUM GHSA-HV6H-HC26-Q48P
  SurrealDB: Field-level SELECT permissions bypassed via graph and reference traversals
- HIGH GHSA-XHV3-Q4XX-349R
  stigmem-node: quarantine review surface exposes and mutates other tenants' quarantined facts (cross-tenant BOLA)
- LOW GHSA-4VRG-R928-H5VV
  SpiceDB: Checks involving relations with caveats can result in unconditional permission when conditional permission is expected
- LOW GHSA-C36X-H252-G9X2
  OpenBao: Cross-namespace lease revocation/renewal via canonical sys/leases/{revoke,renew} — incomplete fix of CVE-2026-45808
- MEDIUM GHSA-4HPG-MP64-X7XQ
  OpenClaw: Internal/webchat command auth could inherit ownerAllowFrom wildcard state
- HIGH GHSA-V2WW-5RH7-2H5V
  OpenClaw: Linux and macOS exec allowlists skipped configured argument patterns