Common Weakness Enumeration

CWE-307

Improper Restriction of Excessive Authentication Attempts

The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame.

CVE-2026-31903 (GCVE-0-2026-31903)

Vulnerability from cvelistv5 – Published: 2026-03-20 22:56 – Updated: 2026-03-23 15:56
VLAI
Title
IGL-Technologies eParking.fi Improper Restriction of Excessive Authentication Attempts
Summary
The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain unauthorized access.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-307
  • CWE-307 - Improper Restriction of Excessive Authentication Attempts
Assigner
Impacted products
Vendor Product Version
IGL-Technologies eParking.fi Affected: All versions (custom)
Create a notification for this product.
Date Public
2026-03-19 16:18
Credits
Khaled Sarieddine and Mohammad Ali Sayed reported this vulnerability to CISA.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-31903",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-23T14:51:32.470258Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-307",
                "description": "CWE-307 Improper Restriction of Excessive Authentication Attempts",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-23T15:56:29.649Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "eParking.fi",
          "vendor": "IGL-Technologies",
          "versions": [
            {
              "status": "affected",
              "version": "All versions",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Khaled Sarieddine and Mohammad Ali Sayed reported this vulnerability to CISA."
        }
      ],
      "datePublic": "2026-03-19T16:18:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain unauthorized access."
            }
          ],
          "value": "The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain unauthorized access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-307",
              "description": "CWE-307",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-20T23:02:55.988Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-078-08"
        },
        {
          "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-078-08.json"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003e\u003cdiv\u003e\u003cspan\u003eIGL-Technologies has updated eParking\u0027s OCPP servers to reduce the risks posed by the vulnerability. These updates implemented the following security controls: 1-Enforce modern security profiles and stronger authentication. 2-Device level whitelisting was implemented to ensure authorized devices connect. 3-Rate limiting controls prevent excessive requests and reduces denial-of-service attacks. 4-Enhanced automated monitoring and alerting to detection abnormal network activity.\u003c/span\u003e\u003c/div\u003e\u003c/div\u003e"
            }
          ],
          "value": "IGL-Technologies has updated eParking\u0027s OCPP servers to reduce the risks posed by the vulnerability. These updates implemented the following security controls: 1-Enforce modern security profiles and stronger authentication. 2-Device level whitelisting was implemented to ensure authorized devices connect. 3-Rate limiting controls prevent excessive requests and reduces denial-of-service attacks. 4-Enhanced automated monitoring and alerting to detection abnormal network activity."
        },
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Devices using the encrypted deployment of eParking\u0027s OCPP servers or \nIGL-Technologies proprietary eTolppa protocol are not impacted by these \nvulnerabilities."
            }
          ],
          "value": "Devices using the encrypted deployment of eParking\u0027s OCPP servers or \nIGL-Technologies proprietary eTolppa protocol are not impacted by these \nvulnerabilities."
        },
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "To prevent this in the future IGL-Technologies will continue \nvulnerability monitoring under their ISO\u202f27001:2022 security program and\n tighten security requirements for future third\u2011party OCPP hardware \napprovals."
            }
          ],
          "value": "To prevent this in the future IGL-Technologies will continue \nvulnerability monitoring under their ISO\u202f27001:2022 security program and\n tighten security requirements for future third\u2011party OCPP hardware \napprovals."
        },
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "For more information please contact the IGL-Technologies security team at this email address: security@igl.fi.\u003cbr\u003e\u003ca href=\"mailto:security@igl.fi\"\u003emailto:security@igl.fi\u003c/a\u003e"
            }
          ],
          "value": "For more information please contact the IGL-Technologies security team at this email address: security@igl.fi.\n mailto:security@igl.fi"
        }
      ],
      "source": {
        "advisory": "ICSA-26-078-08",
        "discovery": "EXTERNAL"
      },
      "title": "IGL-Technologies eParking.fi Improper Restriction of Excessive Authentication Attempts",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2026-31903",
    "datePublished": "2026-03-20T22:56:27.047Z",
    "dateReserved": "2026-03-12T20:17:17.765Z",
    "dateUpdated": "2026-03-23T15:56:29.649Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-31904 (GCVE-0-2026-31904)

Vulnerability from cvelistv5 – Published: 2026-03-20 22:45 – Updated: 2026-03-23 14:16
VLAI
Title
CTEK Chargeportal Improper Restriction of Excessive Authentication Attempts
Summary
The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain unauthorized access.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
CTEK Chargeportal Affected: All versions (custom)
Create a notification for this product.
Date Public
2026-03-19 16:18
Credits
Khaled Sarieddine and Mohammad Ali Sayed reported this vulnerability to CISA.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-31904",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-23T14:16:18.382158Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-23T14:16:28.724Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Chargeportal",
          "vendor": "CTEK",
          "versions": [
            {
              "status": "affected",
              "version": "All versions",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Khaled Sarieddine and Mohammad Ali Sayed reported this vulnerability to CISA."
        }
      ],
      "datePublic": "2026-03-19T16:18:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The WebSocket Application Programming Interface lacks restrictions on the number of\u0026nbsp;authentication requests. This absence of rate limiting may allow an attacker to conduct\u0026nbsp;denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain unauthorized access."
            }
          ],
          "value": "The WebSocket Application Programming Interface lacks restrictions on the number of\u00a0authentication requests. This absence of rate limiting may allow an attacker to conduct\u00a0denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain unauthorized access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-307",
              "description": "CWE-307",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-20T22:45:17.571Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-078-06"
        },
        {
          "url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-078-06.json"
        },
        {
          "url": "https://www.ctek.com/support"
        }
      ],
      "source": {
        "advisory": "ICSA-26-078-06",
        "discovery": "EXTERNAL"
      },
      "title": "CTEK Chargeportal Improper Restriction of Excessive Authentication Attempts",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "CTEK will be sunsetting this product in April 2026. Please contact CTEK for more information\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ctek.com/support\"\u003ehttps://www.ctek.com/support\u003c/a\u003e."
            }
          ],
          "value": "CTEK will be sunsetting this product in April 2026. Please contact CTEK for more information\u00a0 https://www.ctek.com/support ."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2026-31904",
    "datePublished": "2026-03-20T22:45:17.571Z",
    "dateReserved": "2026-03-12T16:52:46.513Z",
    "dateUpdated": "2026-03-23T14:16:28.724Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-32025 (GCVE-0-2026-32025)

Vulnerability from cvelistv5 – Published: 2026-03-19 22:07 – Updated: 2026-06-23 16:14 X_Open Source
VLAI
Title
OpenClaw < 2026.2.25 - Password Brute-Force via Browser-Origin WebSocket Authentication Bypass
Summary
OpenClaw versions prior to 2026.2.25 contain an authentication hardening gap in browser-origin WebSocket clients that allows attackers to bypass origin checks and auth throttling on loopback deployments. An attacker can trick a user into opening a malicious webpage and perform password brute-force attacks against the gateway to establish an authenticated operator session and invoke control-plane methods.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-307 - Improper Restriction of Excessive Authentication Attempts
Assigner
Impacted products
Vendor Product Version
OpenClaw OpenClaw Affected: 0 , < 2026.2.25 (semver)
Unaffected: 2026.2.25 (semver)
Create a notification for this product.
Date Public
2026-02-26 00:00
Credits
luz-oasis
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-32025",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-20T18:03:46.908974Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-20T18:09:54.130Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageURL": "pkg:npm/openclaw",
          "product": "OpenClaw",
          "vendor": "OpenClaw",
          "versions": [
            {
              "lessThan": "2026.2.25",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "2026.2.25",
              "versionType": "semver"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*",
                  "versionEndExcluding": "2026.2.25",
                  "vulnerable": true
                }
              ],
              "operator": "OR"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "luz-oasis"
        }
      ],
      "datePublic": "2026-02-26T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenClaw versions prior to 2026.2.25 contain an authentication hardening gap in browser-origin WebSocket clients that allows attackers to bypass origin checks and auth throttling on loopback deployments. An attacker can trick a user into opening a malicious webpage and perform password brute-force attacks against the gateway to establish an authenticated operator session and invoke control-plane methods."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "ACTIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-307",
              "description": "CWE-307 Improper Restriction of Excessive Authentication Attempts",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-23T16:14:43.475Z",
        "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "shortName": "VulnCheck"
      },
      "references": [
        {
          "name": "GitHub Security Advisory (GHSA-jmmg-jqc7-5qf4)",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-jmmg-jqc7-5qf4"
        },
        {
          "name": "Patch Commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openclaw/openclaw/commit/c736f11a16d6bc27ea62a0fe40fffae4cb071fdb"
        },
        {
          "name": "VulnCheck Advisory: OpenClaw \u003c 2026.2.25 - Password Brute-Force via Browser-Origin WebSocket Authentication Bypass",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.vulncheck.com/advisories/openclaw-password-brute-force-via-browser-origin-websocket-authentication-bypass"
        }
      ],
      "tags": [
        "x_open-source"
      ],
      "title": "OpenClaw \u003c 2026.2.25 - Password Brute-Force via Browser-Origin WebSocket Authentication Bypass",
      "x_generator": {
        "engine": "vulncheck"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
    "assignerShortName": "VulnCheck",
    "cveId": "CVE-2026-32025",
    "datePublished": "2026-03-19T22:07:01.072Z",
    "dateReserved": "2026-03-10T19:48:40.709Z",
    "dateUpdated": "2026-06-23T16:14:43.475Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-32292 (GCVE-0-2026-32292)

Vulnerability from cvelistv5 – Published: 2026-03-17 17:18 – Updated: 2026-03-23 19:34
VLAI
Title
GL-iNet Comet (GL-RM1) KVM insufficient login rate-limiting
Summary
The GL-iNet Comet (GL-RM1) KVM web interface does not limit login requests, enabling brute-force attempts to guess credentials.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-307 - Improper Restriction of Excessive Authentication Attempts
Assigner
Impacted products
Vendor Product Version
GL-iNet Comet KVM Affected: 0 , < 1.7.2 (custom)
Unaffected: 1.7.2
Create a notification for this product.
Date Public
2026-03-17 00:00
Credits
Reynaldo Vasquez Garcia, Eclypsium
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-32292",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-17T17:56:24.256642Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-17T17:56:30.651Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Comet KVM",
          "vendor": "GL-iNet",
          "versions": [
            {
              "lessThan": "1.7.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.7.2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Reynaldo Vasquez Garcia, Eclypsium"
        }
      ],
      "datePublic": "2026-03-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The GL-iNet Comet (GL-RM1) KVM web interface does not limit login requests, enabling brute-force attempts to guess credentials."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        {
          "other": {
            "content": {
              "id": "CVE-2026-32292",
              "options": [
                {
                  "Exploitation": "none"
                },
                {
                  "Automatable": "yes"
                },
                {
                  "Technical Impact": "total"
                }
              ],
              "role": "CISA Coordinator",
              "timestamp": "2026-03-13T18:47:55.255705Z",
              "version": "2.0.3"
            },
            "type": "ssvc"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-307",
              "description": "CWE-307 Improper Restriction of Excessive Authentication Attempts",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-23T19:34:33.902Z",
        "orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
        "shortName": "cisa-cg"
      },
      "references": [
        {
          "name": "url",
          "url": "https://eclypsium.com/blog/your-kvm-is-the-weak-link-how-30-dollar-devices-can-own-your-entire-network/"
        },
        {
          "name": "url",
          "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-26-076-01.json"
        },
        {
          "name": "url",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32292"
        },
        {
          "name": "url",
          "tags": [
            "patch"
          ],
          "url": "https://dl.gl-inet.com/release/kvm/release/RM1/1.7.2"
        }
      ],
      "title": "GL-iNet Comet (GL-RM1) KVM insufficient login rate-limiting"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
    "assignerShortName": "cisa-cg",
    "cveId": "CVE-2026-32292",
    "datePublished": "2026-03-17T17:18:54.851Z",
    "dateReserved": "2026-03-11T18:26:16.060Z",
    "dateUpdated": "2026-03-23T19:34:33.902Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-32295 (GCVE-0-2026-32295)

Vulnerability from cvelistv5 – Published: 2026-03-17 17:19 – Updated: 2026-03-17 18:11
VLAI
Title
JetKVM insufficient login rate limiting
Summary
JetKVM before 0.5.4 does not rate limit login requests, enabling brute-force attempts to guess credentials.
SSVC
Exploitation: poc Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-307 - Improper Restriction of Excessive Authentication Attempts
Assigner
Impacted products
Vendor Product Version
JetKVM JetKVM Affected: 0 , < 0.5.4 (custom)
Unaffected: 0.5.4
Create a notification for this product.
Date Public
2026-03-17 00:00
Credits
Paul Asadoorian, Eclypsium
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-32295",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-17T18:11:27.764122Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-17T18:11:34.304Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "JetKVM",
          "vendor": "JetKVM",
          "versions": [
            {
              "lessThan": "0.5.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "0.5.4"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Paul Asadoorian, Eclypsium"
        }
      ],
      "datePublic": "2026-03-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "JetKVM before 0.5.4 does not rate limit login requests, enabling brute-force attempts to guess credentials."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        {
          "other": {
            "content": {
              "id": "CVE-2026-32295",
              "options": [
                {
                  "Exploitation": "poc"
                },
                {
                  "Automatable": "yes"
                },
                {
                  "Technical Impact": "partial"
                }
              ],
              "role": "CISA Coordinator",
              "timestamp": "2026-03-11T17:33:10.669735Z",
              "version": "2.0.3"
            },
            "type": "ssvc"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-307",
              "description": "CWE-307 Improper Restriction of Excessive Authentication Attempts",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-17T17:19:39.692Z",
        "orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
        "shortName": "cisa-cg"
      },
      "references": [
        {
          "name": "url",
          "url": "https://eclypsium.com/blog/kvm-devices-the-keys-to-your-kingdom-are-hanging-on-the-network/"
        },
        {
          "name": "url",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/jetkvm/kvm/releases/tag/release%2F0.5.4"
        },
        {
          "name": "url",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-32295"
        },
        {
          "name": "url",
          "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-26-076-01.json"
        }
      ],
      "title": "JetKVM insufficient login rate limiting"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
    "assignerShortName": "cisa-cg",
    "cveId": "CVE-2026-32295",
    "datePublished": "2026-03-17T17:19:39.692Z",
    "dateReserved": "2026-03-11T18:26:41.488Z",
    "dateUpdated": "2026-03-17T18:11:34.304Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-32729 (GCVE-0-2026-32729)

Vulnerability from cvelistv5 – Published: 2026-03-13 21:41 – Updated: 2026-03-16 20:22
VLAI
Title
Runtipi has a TOTP two-factor authentication bypass via unrestricted brute-force on `/api/auth/verify-totp`
Summary
Runtipi is a personal homeserver orchestrator. Prior to 4.8.1, The Runtipi /api/auth/verify-totp endpoint does not enforce any rate limiting, attempt counting, or account lockout mechanism. An attacker who has obtained a user's valid credentials (via phishing, credential stuffing, or data breach) can brute-force the 6-digit TOTP code to completely bypass two-factor authentication. The TOTP verification session persists for 24 hours (default cache TTL), providing an excessive window during which the full 1,000,000-code keyspace (000000–999999) can be exhausted. At practical request rates (~500 req/s), the attack completes in approximately 33 minutes in the worst case. This vulnerability is fixed in 4.8.1.
SSVC
Exploitation: poc Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-307 - Improper Restriction of Excessive Authentication Attempts
  • CWE-799 - Improper Control of Interaction Frequency
Assigner
References
Impacted products
Vendor Product Version
runtipi runtipi Affected: < 4.8.1
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-32729",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-16T20:08:49.065023Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-16T20:22:43.613Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "runtipi",
          "vendor": "runtipi",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 4.8.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Runtipi is a personal homeserver orchestrator. Prior to 4.8.1, The Runtipi /api/auth/verify-totp endpoint does not enforce any rate limiting, attempt counting, or account lockout mechanism. An attacker who has obtained a user\u0027s valid credentials (via phishing, credential stuffing, or data breach) can brute-force the 6-digit TOTP code to completely bypass two-factor authentication. The TOTP verification session persists for 24 hours (default cache TTL), providing an excessive window during which the full 1,000,000-code keyspace (000000\u2013999999) can be exhausted. At practical request rates (~500 req/s), the attack completes in approximately 33 minutes in the worst case. This vulnerability is fixed in 4.8.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-307",
              "description": "CWE-307: Improper Restriction of Excessive Authentication Attempts",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-799",
              "description": "CWE-799: Improper Control of Interaction Frequency",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-13T21:41:11.699Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/runtipi/runtipi/security/advisories/GHSA-v6gf-frxm-567w",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/runtipi/runtipi/security/advisories/GHSA-v6gf-frxm-567w"
        }
      ],
      "source": {
        "advisory": "GHSA-v6gf-frxm-567w",
        "discovery": "UNKNOWN"
      },
      "title": "Runtipi has a TOTP two-factor authentication bypass via unrestricted brute-force on `/api/auth/verify-totp`"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-32729",
    "datePublished": "2026-03-13T21:41:11.699Z",
    "dateReserved": "2026-03-13T15:02:00.626Z",
    "dateUpdated": "2026-03-16T20:22:43.613Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-33152 (GCVE-0-2026-33152)

Vulnerability from cvelistv5 – Published: 2026-03-26 19:07 – Updated: 2026-03-26 19:52
VLAI
Title
Tandoor Recipes Vulnerable to Unrestricted Brute-Force via BasicAuthentication
Summary
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, Tandoor Recipes configures Django REST Framework with BasicAuthentication as one of the default authentication backends. The AllAuth rate limiting configuration (ACCOUNT_RATE_LIMITS: login: 5/m/ip) only applies to the HTML-based login endpoint at /accounts/login/. Any API endpoint that accepts authenticated requests can be targeted via Authorization: Basic headers with zero rate limiting, zero account lockout, and unlimited attempts. An attacker can perform high-speed password guessing against any known username. Version 2.6.0 patches the issue.
SSVC
Exploitation: poc Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-307 - Improper Restriction of Excessive Authentication Attempts
Assigner
References
Impacted products
Vendor Product Version
TandoorRecipes recipes Affected: < 2.6.0
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-33152",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-26T19:46:37.336472Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-26T19:52:09.977Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "recipes",
          "vendor": "TandoorRecipes",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.6.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, Tandoor Recipes configures Django REST Framework with BasicAuthentication as one of the default authentication backends. The AllAuth rate limiting configuration (ACCOUNT_RATE_LIMITS: login: 5/m/ip) only applies to the HTML-based login endpoint at /accounts/login/. Any API endpoint that accepts authenticated requests can be targeted via Authorization: Basic headers with zero rate limiting, zero account lockout, and unlimited attempts. An attacker can perform high-speed password guessing against any known username. Version 2.6.0 patches the issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-307",
              "description": "CWE-307: Improper Restriction of Excessive Authentication Attempts",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-26T19:07:39.225Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/TandoorRecipes/recipes/security/advisories/GHSA-7m7c-jjqc-r522",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/TandoorRecipes/recipes/security/advisories/GHSA-7m7c-jjqc-r522"
        },
        {
          "name": "https://github.com/TandoorRecipes/recipes/releases/tag/2.6.0",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/TandoorRecipes/recipes/releases/tag/2.6.0"
        }
      ],
      "source": {
        "advisory": "GHSA-7m7c-jjqc-r522",
        "discovery": "UNKNOWN"
      },
      "title": "Tandoor Recipes Vulnerable to Unrestricted Brute-Force via BasicAuthentication"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-33152",
    "datePublished": "2026-03-26T19:07:39.225Z",
    "dateReserved": "2026-03-17T21:17:08.885Z",
    "dateUpdated": "2026-03-26T19:52:09.977Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-3329 (GCVE-0-2026-3329)

Vulnerability from cvelistv5 – Published: 2026-06-11 17:00 – Updated: 2026-06-11 18:52
VLAI
Title
Nexus Repository Manager - Improper Restriction of Excessive Authentication Attempts
Summary
A remote unauthenticated attacker may be able to conduct credential-guessing attacks against user accounts in Sonatype Nexus Repository via authentication endpoints.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-307 - Improper Restriction of Excessive Authentication Attempts
Assigner
Impacted products
Vendor Product Version
Sonatype Nexus Repository Manager Affected: 3.0.0 , < 3.93.0 (semver)
    cpe:2.3:a:sonatype:nexus_repository_manager:3.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.8.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.10.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.11.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.12.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.13.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.14.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.15.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.15.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.15.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.16.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.16.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.16.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.17.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.18.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.18.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.19.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.19.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.20.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.20.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.21.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.21.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.21.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.22.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.22.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.23.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.24.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.25.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.25.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.26.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.26.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.27.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.28.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.28.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.29.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.29.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.30.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.30.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.31.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.31.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.32.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.32.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.33.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.33.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.34.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.34.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.35.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.36.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.37.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.37.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.37.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.37.3:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.38.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.38.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.39.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.40.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.40.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.41.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.41.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.42.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.43.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.44.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.45.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.45.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.46.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.47.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.47.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.48.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.49.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.50.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.51.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.52.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.53.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.53.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.54.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.54.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.55.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.56.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.57.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.57.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.58.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.58.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.59.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.60.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.61.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.62.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.63.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.64.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.65.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.66.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.67.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.67.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.68.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.68.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.69.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.70.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.70.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.70.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.70.3:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.70.4:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.70.5:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.71.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.72.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.73.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.74.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.75.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.75.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.76.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.76.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.77.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.78.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.78.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.79.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.80.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.81.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.82.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.83.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.83.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.83.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.84.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.84.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.84.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.85.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.85.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.86.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.86.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.86.3:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.87.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.87.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.87.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.88.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.89.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.89.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.90.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.90.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.90.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.90.3:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.91.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.91.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.92.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.92.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.92.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.92.3:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-3329",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-11T18:52:02.344885Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-11T18:52:18.659Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.1.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.3.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.3.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.3.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.5.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.5.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.5.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.6.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.6.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.6.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.7.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.7.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.8.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.9.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.10.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.11.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.12.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.12.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.13.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.14.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.15.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.15.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.15.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.16.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.16.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.16.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.17.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.18.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.18.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.19.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.19.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.20.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.20.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.21.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.21.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.21.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.22.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.22.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.23.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.24.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.25.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.25.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.26.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.26.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.27.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.28.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.28.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.29.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.29.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.30.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.30.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.31.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.31.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.32.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.32.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.33.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.33.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.34.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.34.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.35.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.36.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.37.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.37.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.37.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.37.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.38.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.38.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.39.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.40.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.40.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.41.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.41.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.42.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.43.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.44.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.45.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.45.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.46.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.47.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.47.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.48.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.49.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.50.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.51.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.52.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.53.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.53.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.54.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.54.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.55.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.56.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.57.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.57.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.58.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.58.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.59.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.60.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.61.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.62.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.63.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.64.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.65.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.66.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.67.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.67.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.68.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.68.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.69.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.70.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.70.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.70.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.70.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.70.4:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.70.5:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.71.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.72.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.73.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.74.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.75.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.75.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.76.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.76.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.77.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.78.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.78.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.79.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.80.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.81.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.82.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.83.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.83.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.83.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.84.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.84.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.84.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.85.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.85.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.86.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.86.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.86.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.87.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.87.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.87.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.88.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.89.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.89.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.90.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.90.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.90.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.90.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.91.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.91.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.92.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.92.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.92.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.92.3:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Nexus Repository Manager",
          "vendor": "Sonatype",
          "versions": [
            {
              "lessThan": "3.93.0",
              "status": "affected",
              "version": "3.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA remote unauthenticated attacker may be able to conduct credential-guessing attacks against user accounts in Sonatype Nexus Repository via authentication endpoints.\u003c/p\u003e"
            }
          ],
          "value": "A remote unauthenticated attacker may be able to conduct credential-guessing attacks against user accounts in Sonatype Nexus Repository via authentication endpoints."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-307",
              "description": "CWE-307 Improper Restriction of Excessive Authentication Attempts",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-11T17:00:12.225Z",
        "orgId": "103e4ec9-0a87-450b-af77-479448ddef11",
        "shortName": "Sonatype"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://help.sonatype.com/en/sonatype-nexus-repository-3-93-0-release-notes.html"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://support.sonatype.com/hc/en-us/articles/52482870409491"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Nexus Repository Manager - Improper Restriction of Excessive Authentication Attempts",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "103e4ec9-0a87-450b-af77-479448ddef11",
    "assignerShortName": "Sonatype",
    "cveId": "CVE-2026-3329",
    "datePublished": "2026-06-11T17:00:12.225Z",
    "dateReserved": "2026-02-27T14:26:59.405Z",
    "dateUpdated": "2026-06-11T18:52:18.659Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-33419 (GCVE-0-2026-33419)

Vulnerability from cvelistv5 – Published: 2026-03-24 19:05 – Updated: 2026-03-25 13:24
VLAI
Title
MinIO: LDAP login brute-force via user enumeration and missing rate limit
Summary
MinIO is a high-performance object storage system. Prior to RELEASE.2026-03-17T21-25-16Z, MinIO AIStor's STS (Security Token Service) AssumeRoleWithLDAPIdentity endpoint is vulnerable to LDAP credential brute-forcing due to two combined weaknesses: (1) distinguishable error responses that enable username enumeration, and (2) absence of rate limiting on authentication attempts. An unauthenticated network attacker can enumerate valid LDAP usernames and then perform unlimited password guessing to obtain temporary AWS-style STS credentials, gaining access to the victim's S3 buckets and objects. This issue has been patched in RELEASE.2026-03-17T21-25-16Z.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-204 - Observable Response Discrepancy
  • CWE-307 - Improper Restriction of Excessive Authentication Attempts
Assigner
References
Impacted products
Vendor Product Version
minio minio Affected: < RELEASE.2026-03-17T21-25-16Z
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-33419",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-25T13:23:54.467588Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-25T13:24:44.452Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "minio",
          "vendor": "minio",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c RELEASE.2026-03-17T21-25-16Z"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "MinIO is a high-performance object storage system. Prior to RELEASE.2026-03-17T21-25-16Z, MinIO AIStor\u0027s STS (Security Token Service) AssumeRoleWithLDAPIdentity endpoint is vulnerable to LDAP credential brute-forcing due to two combined weaknesses: (1) distinguishable error responses that enable username enumeration, and (2) absence of rate limiting on authentication attempts. An unauthenticated network attacker can enumerate valid LDAP usernames and then perform unlimited password guessing to obtain temporary AWS-style STS credentials, gaining access to the victim\u0027s S3 buckets and objects. This issue has been patched in RELEASE.2026-03-17T21-25-16Z."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-204",
              "description": "CWE-204: Observable Response Discrepancy",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-307",
              "description": "CWE-307: Improper Restriction of Excessive Authentication Attempts",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-24T19:05:30.937Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/minio/minio/security/advisories/GHSA-jv87-32hw-hh99",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/minio/minio/security/advisories/GHSA-jv87-32hw-hh99"
        }
      ],
      "source": {
        "advisory": "GHSA-jv87-32hw-hh99",
        "discovery": "UNKNOWN"
      },
      "title": "MinIO: LDAP login brute-force via user enumeration and missing rate limit"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-33419",
    "datePublished": "2026-03-24T19:05:30.937Z",
    "dateReserved": "2026-03-19T18:45:22.431Z",
    "dateUpdated": "2026-03-25T13:24:44.452Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-33580 (GCVE-0-2026-33580)

Vulnerability from cvelistv5 – Published: 2026-03-31 14:10 – Updated: 2026-06-23 16:15
VLAI
Title
OpenClaw < 2026.3.28 - Brute Force Attack via Missing Rate Limiting on Webhook Shared Secret Authentication
Summary
OpenClaw before 2026.3.28 contains a missing rate limiting vulnerability in the Nextcloud Talk webhook authentication that allows attackers to brute-force weak shared secrets. Attackers who can reach the webhook endpoint can exploit this to forge inbound webhook events by repeatedly attempting authentication without throttling.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-307 - Improper Restriction of Excessive Authentication Attempts
Assigner
Impacted products
Vendor Product Version
OpenClaw OpenClaw Affected: 0 , < 2026.3.28 (semver)
Unaffected: 2026.3.28 (semver)
Create a notification for this product.
Date Public
2026-03-29 00:00
Credits
AntAISecurityLab
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-33580",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-31T17:18:43.381196Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-31T17:18:59.069Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageURL": "pkg:npm/openclaw",
          "product": "OpenClaw",
          "vendor": "OpenClaw",
          "versions": [
            {
              "lessThan": "2026.3.28",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "2026.3.28",
              "versionType": "semver"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*",
                  "versionEndExcluding": "2026.3.28",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "AntAISecurityLab"
        }
      ],
      "datePublic": "2026-03-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eOpenClaw before 2026.3.28 contains a missing rate limiting vulnerability in the Nextcloud Talk webhook authentication that allows attackers to brute-force weak shared secrets. Attackers who can reach the webhook endpoint can exploit this to forge inbound webhook events by repeatedly attempting authentication without throttling.\u003c/p\u003e"
            }
          ],
          "value": "OpenClaw before 2026.3.28 contains a missing rate limiting vulnerability in the Nextcloud Talk webhook authentication that allows attackers to brute-force weak shared secrets. Attackers who can reach the webhook endpoint can exploit this to forge inbound webhook events by repeatedly attempting authentication without throttling."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-307",
              "description": "CWE-307 Improper Restriction of Excessive Authentication Attempts",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-23T16:15:39.042Z",
        "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "shortName": "VulnCheck"
      },
      "references": [
        {
          "name": "GitHub Security Advisory (GHSA-9528-x887-j2fp)",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-9528-x887-j2fp"
        },
        {
          "name": "Patch Commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openclaw/openclaw/commit/e403decb6e20091b5402780a7ccd2085f98aa3cd"
        },
        {
          "name": "VulnCheck Advisory: OpenClaw \u003c 2026.3.28 - Brute Force Attack via Missing Rate Limiting on Webhook Shared Secret Authentication",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.vulncheck.com/advisories/openclaw-brute-force-attack-via-missing-rate-limiting-on-webhook-shared-secret-authentication"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "OpenClaw \u003c 2026.3.28 - Brute Force Attack via Missing Rate Limiting on Webhook Shared Secret Authentication",
      "x_generator": {
        "engine": "vulncheck"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
    "assignerShortName": "VulnCheck",
    "cveId": "CVE-2026-33580",
    "datePublished": "2026-03-31T14:10:33.057Z",
    "dateReserved": "2026-03-23T11:00:48.409Z",
    "dateUpdated": "2026-06-23T16:15:39.042Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Mitigation

Phase: Architecture and Design

Description:

  • Common protection mechanisms include:
  • Disconnecting the user after a small number of failed attempts
  • Implementing a timeout
  • Locking out a targeted account
  • Requiring a computational task on the user's part.
Mitigation ID: MIT-4

Phase: Architecture and Design

Strategy: Libraries or Frameworks

Description:

  • Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid [REF-1482].
  • Consider using libraries with authentication capabilities such as OpenSSL or the ESAPI Authenticator. [REF-45]
CAPEC-16: Dictionary-based Password Attack

["An attacker tries each of the words in a dictionary as passwords to gain access to the system via some user's account. If the password chosen by the user was a word within the dictionary, this attack will be successful (in the absence of other mitigations). This is a specific instance of the password brute forcing attack pattern.", "Dictionary Attacks differ from similar attacks such as Password Spraying (CAPEC-565) and Credential Stuffing (CAPEC-600), since they leverage unknown username/password combinations and don't care about inducing account lockouts."]

CAPEC-49: Password Brute Forcing

An adversary tries every possible value for a password until they succeed. A brute force attack, if feasible computationally, will always be successful because it will essentially go through all possible passwords given the alphabet used (lower case letters, upper case letters, numbers, symbols, etc.) and the maximum length of the password.

CAPEC-560: Use of Known Domain Credentials

An adversary guesses or obtains (i.e. steals or purchases) legitimate credentials (e.g. userID/password) to achieve authentication and to perform authorized actions under the guise of an authenticated user or service.

CAPEC-565: Password Spraying

In a Password Spraying attack, an adversary tries a small list (e.g. 3-5) of common or expected passwords, often matching the target's complexity policy, against a known list of user accounts to gain valid credentials. The adversary tries a particular password for each user account, before moving onto the next password in the list. This approach assists the adversary in remaining undetected by avoiding rapid or frequent account lockouts. The adversary may then reattempt the process with additional passwords, once enough time has passed to prevent inducing a lockout.

CAPEC-600: Credential Stuffing

An adversary tries known username/password combinations against different systems, applications, or services to gain additional authenticated access. Credential Stuffing attacks rely upon the fact that many users leverage the same username/password combination for multiple systems, applications, and services.

CAPEC-652: Use of Known Kerberos Credentials

An adversary obtains (i.e. steals or purchases) legitimate Kerberos credentials (e.g. Kerberos service account userID/password or Kerberos Tickets) with the goal of achieving authenticated access to additional systems, applications, or services within the domain.

CAPEC-653: Use of Known Operating System Credentials

An adversary guesses or obtains (i.e. steals or purchases) legitimate operating system credentials (e.g. userID/password) to achieve authentication and to perform authorized actions on the system, under the guise of an authenticated user or service. This applies to any Operating System.

Back to CWE stats page