CVE ID :CVE-2026-45013 Published : June 12, 2026, 9:16 p.m. | 1 hour, 51 minutes ago Description :ApostropheCMS is an open-source Node.js content management system. Versions up to and including 4.29.0 have a password reset flow that constructs the reset URL using `req.hostname`, which is...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-45013 - Apostrophe has a Weak Password Recovery Mechanism for Forgotten Password and Improper Input Validation

VERWANDTEARTIKEL

CVE-2026-53868 - Capgo < 12.128.2 - Denial of Service via Unverified Email Account Registration and Deletion

CVE-2026-53834 - OpenClaw < 2026.4.27 - Authorization Bypass in QQBot Pre-dispatch Slash Commands

CVE-2026-53836 - OpenClaw < 2026.5.12 - Allowlist Bypass via PowerShell Encoded-Command Aliases

CVE-2026-53838 - OpenClaw < 2026.5.27 - Node Pairing State Mutation via Reconnection

CVE-2026-53828 - OpenClaw < 2026.5.6 - Native Command Authorization Bypass via Owner-Command Enforcement

CVE-2026-53829 - OpenClaw < 2026.5.18 - Command Truncation in Exec Approval Display