Tag

Input-Validation

5 briefs RSS

CVE-2026-0238: Palo Alto Networks Broker VM Improper Input Validation

CVE-2026-0238 is an improper input validation vulnerability in Palo Alto Networks Broker VM that allows an authenticated administrator to inject arbitrary content into certain fields, affecting versions 30.0 prior to 30.0.24.

exploited Broker VM vulnerability input validation

2r May 13, 2026

medium advisory

Free5GC UDM Information Disclosure via Malformed Request

2 rules 2 TTPs 1 CVE

The free5GC UDM component fails to validate the `supi` path parameter in six GET handlers, allowing an unauthenticated attacker to inject control characters and trigger a `500 Internal Server Error` that exposes internal infrastructure details.

udm information-disclosure input-validation free5GC

2r 2t 1c May 7, 2026

high advisory

OpenClaw Input Validation Vulnerability Allows Privilege Escalation

2 rules 1 TTP 1 CVE

OpenClaw before version 2026.4.10 contains an input validation vulnerability (CVE-2026-43534) allowing external hook metadata to be enqueued as trusted system events, enabling attackers to escalate privileges.

OpenClaw input-validation privilege-escalation cve-2026-43534

2r 1t 1c May 5, 2026

high advisory

Microsoft PowerShell Improper Input Validation Vulnerability (CVE-2026-26143)

2 rules 1 TTP 1 CVE

An improper input validation vulnerability (CVE-2026-26143) in Microsoft PowerShell allows an unauthorized local attacker to bypass security features.

cve-2026-26143 powershell input-validation bypass-uac windows

2r 1t 1c Apr 15, 2026

medium advisory

Adobe ColdFusion Improper Input Validation Vulnerability (CVE-2026-27306)

2 rules 1 TTP 1 CVE

An improper input validation vulnerability in Adobe ColdFusion versions 2023.18, 2025.6, and earlier (CVE-2026-27306) could lead to arbitrary code execution if a privileged user opens a specially crafted malicious file.

cve-2026-27306 coldfusion code execution input validation

2r 1t 1c Apr 15, 2026