Mirr2

**Name of the Vulnerable Software and Affected Versions** SillyTavern versions prior to 1.18.0 **Description** An issue exists in the "/api/extensions/delete" endpoint where it accepts the value "." for the `extensionName` variable. This bypasses the `sanitize-filename` validation, which converts the dot to an empty string, causing the application to resolve the path to the base extensions directory. Consequently, the entire user extensions directory is recursively deleted. In the default configuration, no authentication is required to perform this action. Similar behavior is also present in the "/api/extensions/update", "/api/extensions/version", "/api/extensions/branches", and "/api/extensions/switch" endpoints. **Recommendations** Update to version 1.18.0. As a temporary workaround, restrict network access to the SillyTavern instance to prevent unauthorized requests to the affected API endpoints.

**Name of the Vulnerable Software and Affected Versions** OpenClaw versions prior to 2026.4.23 **Description** An arbitrary code execution issue exists in the bundled plugin setup resolver. During provider setup metadata resolution, the system loads `setup-api.js` from `process.cwd()`. An attacker can execute arbitrary JavaScript under the current user account by placing a malicious `extensions/<plugin>/setup-api.js` file in a repository and convincing a user to run OpenClaw commands from that directory. **Recommendations** Update to version 2026.4.23 or later.

**Name of the Vulnerable Software and Affected Versions** n8n-mcp versions prior to 2.47.13 **Description** When running in HTTP transport mode, authenticated `tools/call` requests have their full arguments and JSON-RPC parameters written to server logs by the request dispatcher and related code paths before redaction occurs. This can lead to the disclosure of sensitive information in environments where logs are collected or forwarded to external systems, such as SIEM pipelines or shared storage. Exposed data may include bearer tokens, OAuth credentials sent via `n8n manage credentials.data`, per-tenant API keys, webhook authentication headers, and other secret-bearing payloads. The issue requires a valid `AUTH TOKEN` for authentication. While a console-silencing layer exists in HTTP mode, it is fragile and does not prevent values from being passed to the logger. **Recommendations** Update to version 2.47.13 or later. Restrict access to the HTTP port using a firewall, reverse proxy, or VPN to ensure only trusted clients can authenticate. Restrict access to server logs and disable shared SIEM ingestion until the update is applied. Switch to stdio transport by setting `MCP MODE=stdio` to avoid the affected HTTP surface and log calls.