MITRE ATT&CK CVE list for this attack path. Use risk scores and timeline to decide what to patch first and what to track next.
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2026-12105 | Improper access control in Devolutions Server 2026.2.5, 2026.1.21 allows an authenticated user to access attachments via folder duplication with inherited permissions. | n/a | n/a | 2026-06-16 | 2026-06-16 |
| CVE-2026-53866 | OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in shell inline-command parsing that allows authenticated operators to execute unapproved commands. A command request using shell inline-command forms could route through a parser case missing the expected allowlist decision, enabling shell content execution without intended approval prompts. | 7.6 | n/a | 2026-06-16 | 2026-06-16 |
| CVE-2026-53851 | OpenClaw before 2026.5.12 contains a notification bypass vulnerability allowing Slack reaction events to enter the agent pipeline despite disabled reaction notifications. Attackers can trigger unintended agent processing by sending reaction events when the feature is enabled, potentially leading to unauthorized processing of lower-trust input. | 6.3 | n/a | 2026-06-16 | 2026-06-16 |
| CVE-2026-53850 | OpenClaw before 2026.4.25 contains a control scope enforcement bypass vulnerability in the focus command that allows authenticated callers to execute the command without proper authorization checks. Attackers can trigger the focus command to change focus state outside intended caller authority, potentially enabling unauthorized operations depending on gateway configuration and input trust levels. | 6.8 | n/a | 2026-06-16 | 2026-06-16 |
| CVE-2026-53844 | OpenClaw before 2026.4.29 contains a session visibility check bypass vulnerability in shared memory search that allows authenticated callers to access memory entries without proper authorization. Attackers can skip session visibility guards on the search path to retrieve memory entries that should not be visible to their session. | 6.0 | n/a | 2026-06-16 | 2026-06-16 |
| CVE-2026-10831 | A denial-of-service vulnerability exists in NPort devices because of improper access control on the command port. The command interface does not properly validate whether a sender is associated with a valid data port session before accepting break signal commands. A remote attacker with network access can send crafted requests to disrupt serial communication for an active user session. | 6.9 | n/a | 2026-06-16 | 2026-06-16 |
| CVE-2025-14272 | A security issue was identified in Pavilion due to improper authorization enforcement in API endpoints. This vulnerability can allow an unauthorized actor to execute privileged operations, including user/role management and other administrative actions. | 8.3 | n/a | 2026-06-16 | 2026-06-16 |
| CVE-2026-54190 | Unauthenticated Broken Access Control in Envira Photo Gallery <= 1.12.5 versions. | 6.5 | 0.33% | 2026-06-16 | 2026-06-16 |
| CVE-2026-52714 | Unauthenticated Broken Access Control in SEO Plugin by Squirrly SEO <= 12.4.16 versions. | 5.9 | 0.29% | 2026-06-16 | 2026-06-16 |
| CVE-2026-52711 | Unauthenticated Broken Access Control in WooCommerce POS <= 1.8.14 versions. | 7.5 | 0.39% | 2026-06-16 | 2026-06-16 |
| CVE-2026-40809 | Missing Authorization vulnerability in Rara Themes Metro Magazine allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Metro Magazine: from n/a through 1.4.1. | 6.5 | 0.33% | 2026-06-16 | 2026-06-16 |
| CVE-2026-39490 | Unauthenticated Broken Access Control in JupiterX Core <= 4.14.1 versions. | 7.5 | 0.39% | 2026-06-16 | 2026-06-16 |
| CVE-2026-2381 | The WooCommerce Stripe Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the `ajax_pay_for_order()` function in all versions up to, and including, 10.7.0. This is due to a missing order ownership or order_key verification when processing payment for an order via the `wc_stripe_pay_for_order` WC-AJAX endpoint. The function only validates a nonce (which is publicly available on any WooCommerce page where Express Checkout is | 6.5 | 0.47% | 2026-06-16 | 2026-06-16 |
| CVE-2025-68045 | Unauthenticated Broken Access Control in WP Event Solution <= 4.1.12 versions. | 7.5 | 0.39% | 2026-06-16 | 2026-06-16 |
| CVE-2026-9187 | The Abandoned Contact Form 7 plugin for WordPress is vulnerable to unauthorized arbitrary post deletion in versions up to, and including, 2.2. This is due to a missing capability check and missing nonce validation in the action__remove_abandoned() function, which is registered to both the wp_ajax_remove_abandoned and wp_ajax_nopriv_remove_abandoned hooks. The handler takes a user-supplied recover_id parameter from $_POST and passes it directly to wp_delete_post() with the force-delete flag set t | 5.3 | 0.23% | 2026-06-16 | 2026-06-16 |
| CVE-2026-6964 | The Video Conferencing with Zoom plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.6.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to obtain the site's Zoom SDK API key and a freshly-signed JWT that can be used with the Zoom Web SDK to join any Zoom meeting associated with those credentials without a legitimate invitation. | 5.3 | 0.32% | 2026-06-16 | 2026-06-16 |
| CVE-2026-49775 | Unauthenticated Broken Access Control in Welcart e-Commerce <= 2.11.28 versions. | 6.5 | 0.19% | 2026-06-15 | 2026-06-15 |
| CVE-2026-49070 | Unauthenticated Broken Access Control in Knit Pay <= 9.4.0.0 versions. | 7.5 | 0.25% | 2026-06-15 | 2026-06-15 |
| CVE-2026-49065 | Unauthenticated Broken Access Control in Hippoo Mobile App for WooCommerce <= 1.9.5 versions. | 8.2 | 0.24% | 2026-06-15 | 2026-06-15 |
| CVE-2026-48887 | Unauthenticated Broken Access Control in JS Help Desk <= 3.0.9 versions. | 6.5 | 0.24% | 2026-06-15 | 2026-06-15 |