Vulnerabilities in qhkm

2 results

CVE-2026-32232HIGHZeptoClaw: Path boundary checks bypass via symlink, TOCTOU, and hardlinkEPSS 0.6%CVE-2026-32231HIGHZeptoClaw: Generic webhook channel trusts caller-supplied identity fields; allowlist is checked against untrusted payload dataEPSS 0.2%