7.5
CVE-2026-32299 - Connect CMS: Information Disclosure Due to Improper Authorization through the Page Content Retrievaβ¦
Connect-CMS is a content management system. In versions on the 1.x series up to and including 1.41.0 and versions on the 2.x series up to and including 2.41.0, an improper authorization issue in the page content retrieval feature may allow retrieval of non-public information. Versions 1.41.1 and 2.β¦
6.8
CVE-2026-32279 - Connect CMS has SSRF in the External Page Migration Feature of its Page Management Plugin
Connect-CMS is a content management system. In versions on the 1.x series up to and including 1.41.0 and versions on the 2.x series up to and including 2.41.0, a Server-Side Request Forgery (SSRF) issue exists in the external page migration feature of the Page Management Plugin. Versions 1.41.1 andβ¦
8.8
CVE-2026-32913 - OpenClaw < 2026.3.7 - Custom Authorization Header Leakage via Cross-Origin Redirects
OpenClaw before 2026.3.7 contains an improper header validation vulnerability in fetchWithSsrFGuard that forwards custom authorization headers across cross-origin redirects. Attackers can trigger redirects to different origins to intercept sensitive headers like X-Api-Key and Private-Token intendedβ¦
0.0
CVE-2026-32912 -
This CVE ID has been rejected.
0.0
CVE-2026-32911 -
This CVE ID has been rejected.
0.0
CVE-2026-32910 -
This CVE ID has been rejected.
0.0
CVE-2026-32909 -
This CVE ID has been rejected.
0.0
CVE-2026-32908 -
This CVE ID has been rejected.
0.0
CVE-2026-32907 -
This CVE ID has been rejected.
0.0
CVE-2026-32904 -
This CVE ID has been rejected.