Tag
high
advisory
Plunk Email Platform CRLF Header Injection Vulnerability
2 rules 1 TTP 1 CVEA CRLF header injection vulnerability in Plunk versions prior to 0.8.0 allows authenticated API users to inject arbitrary email headers, enabling silent email forwarding, reply redirection, or sender spoofing.
crlf
header-injection
plunk
cve-2026-34975
cloud
2r
1t
1c
high
advisory
OpenClaw Improper Header Validation Leads to Credential Leakage
2 rules 1 TTPOpenClaw before 2026.3.7 is vulnerable to improper header validation in fetchWithSsrFGuard, allowing attackers to intercept sensitive authorization headers via cross-origin redirects.
cve-2026-32913
credential-access
header-injection
openclaw
2r
1t