██████╗██╗   ██╗██████╗ ██████╗     ██████╗██╗  ██╗
 ██╔════╝╚██╗ ██╔╝██╔══██╗██╔══██╗   ██╔════╝╚██╗██╔╝
 ██║      ╚████╔╝ ██████╔╝██████╔╝ ● ██║      ╚███╔╝ 
 ██║       ╚██╔╝  ██╔══██╗██╔══██╗   ██║      ██╔██╗ 
 ╚██████╗   ██║   ██████╔╝██║  ██║   ╚██████╗██╔╝ ██╗
  ╚═════╝   ╚═╝   ╚═════╝ ╚═╝  ╚═╝    ╚═════╝╚═╝  ╚═╝
────────────────────────────────── STAY SHARP ───

$14B DeFi Exodus After KelpDAO Hack Rocks Crypto Markets

Today's cybersecurity digest — CVEs, headline news, quantum computing, and something weird. April 22, 2026

cybr.cx Daily Digest — April 22, 2026


Critical Vulnerabilities

CVE-2026-41303 (8.8 HIGH)

Authorization bypass in OpenClaw's Discord integration: non-privileged users can approve pending host execution requests by sending crafted Discord commands. Organizations using OpenClaw's Discord approval workflow should upgrade to version 2026.3.28 immediately and audit recent execution approvals, since approvals granted while the flaw was present cannot be assumed to have come from an authorized approver.

CVE-2026-6819 (8.8 HIGH)

HKUDS OpenHarness exposes plugin management commands to remote attackers through unsecured channel access, enabling unauthorized plugin installation and activation. Installing and activating an arbitrary plugin is remote code execution in all but name, so anyone who can reach the channel layer effectively has it.

CVE-2026-34291 (8.7 HIGH)

Oracle HTTP Server vulnerability in the Core component, affecting the widely deployed 12.2.1.4.0 and 14.1.2.0.0 releases, that allows unauthenticated network-based attacks. Although marked as difficult to exploit, the unauthenticated network vector and the potential for impact reaching beyond the HTTP server itself make this a patching priority for Oracle Fusion Middleware environments.

CVE-2026-41294 (8.6 HIGH)

OpenClaw loads .env files from the current working directory before applying its trusted configuration, so values seeded from an untrusted .env are already in place when the trusted settings are applied. This is an environment variable injection vector: an attacker who can place a malicious .env file in a repository or workspace that OpenClaw is run from can override security-sensitive settings.
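The precedence bug class behind this entry, shown as an added example that is not OpenClaw's code: a toy loader that reads the workspace .env first and only back-fills from trusted configuration, beside one that treats trusted configuration as authoritative and accepts only non-sensitive keys from the workspace. The setting names, the parser, the file layout and the planted .env are all assumptions constructed for the example.

```python
"""Added illustration of the .env precedence bug class behind CVE-2026-41294.
NOT OpenClaw's code: the setting names, parser and file layout are assumed."""
import tempfile
from pathlib import Path

# Assumed names for settings a workspace must never be allowed to change.
SENSITIVE_KEYS = {"ALLOW_HOST_EXEC", "APPROVAL_WEBHOOK", "SANDBOX_ROOT"}


def parse_dotenv(text: str) -> dict:
    """Minimal KEY=VALUE parser: skips blanks and comments, strips simple quotes."""
    env = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        env[key.strip()] = value.strip().strip("'\"")
    return env


def load_vulnerable(cwd: Path, trusted: dict) -> dict:
    """Vulnerable order: the workspace .env is read first, and the trusted layer
    only back-fills keys that are still unset, so .env wins every conflict."""
    settings = {}
    dotenv = cwd / ".env"
    if dotenv.is_file():
        settings.update(parse_dotenv(dotenv.read_text()))
    for key, value in trusted.items():
        settings.setdefault(key, value)   # never overrides what .env already set
    return settings


def load_hardened(cwd: Path, trusted: dict) -> tuple:
    """Hardened order: trusted configuration is authoritative. The workspace .env
    may add keys, but cannot touch sensitive ones or anything trusted already set.
    Returns (settings, rejected_keys) so override attempts can be logged."""
    settings = dict(trusted)
    rejected = []
    dotenv = cwd / ".env"
    if dotenv.is_file():
        for key, value in parse_dotenv(dotenv.read_text()).items():
            if key in SENSITIVE_KEYS or key in settings:
                rejected.append(key)      # a workspace tried to override a trusted value
                continue
            settings[key] = value
    return settings, rejected


def demo() -> dict:
    """Constructed scenario: a repository containing a planted .env is the cwd."""
    trusted = {"ALLOW_HOST_EXEC": "false", "SANDBOX_ROOT": "/srv/sandbox"}
    with tempfile.TemporaryDirectory() as d:
        workspace = Path(d)
        (workspace / ".env").write_text(
            "# planted by an attacker in the repository\n"
            "ALLOW_HOST_EXEC=true\n"
            'MODEL_NAME="demo-model"\n'
        )
        vulnerable = load_vulnerable(workspace, trusted)
        hardened, rejected = load_hardened(workspace, trusted)
    return {"vulnerable": vulnerable, "hardened": hardened, "rejected": rejected}


if __name__ == "__main__":
    print(demo())
```

Running it shows the vulnerable loader reporting ALLOW_HOST_EXEC=true from the planted file while the hardened loader keeps the trusted value and records the override attempt. The practical check for any tool with this pattern is the same: find where it reads .env relative to the current directory, and whether that read happens before or after the configuration you actually control.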

CVE-2026-21997 (8.5 HIGH)

Oracle Life Sciences Empirica Signal contains an easily exploitable vulnerability reachable over HTTP by a low-privileged attacker. Versions 9.2.1 through 9.2.3 are affected, which puts it squarely in production life sciences environments.

CVE-2026-41296 (8.2 HIGH)

Time-of-check to time-of-use race condition in OpenClaw's remote filesystem bridge enables sandbox escape through arbitrary file reads. The bridge validates a path and then opens it as two separate steps, so an attacker who changes what the path resolves to in the gap between them bypasses the sandbox restrictions the validation was meant to enforce.
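The check-then-open race in its generic form, as an added example that is not OpenClaw's code and not the exploit for this CVE: a validator that resolves a path and then trusts that result on a later open, beside a hardened open that walks the path component by component relative to a directory descriptor with O_NOFOLLOW, so there is no separate check to race. The sandbox layout, the function names and the swap hook that stands in for the attacker are all assumptions constructed for the example; it is POSIX only.

```python
"""Added illustration of the check-then-open race behind CVE-2026-41296, beside one
hardened pattern. NOT OpenClaw's code: the sandbox layout, the function names and
the 'swap' hook that stands in for the attacker are all assumed. POSIX only."""
import os
import stat
import tempfile
from pathlib import Path, PurePosixPath


class SandboxEscape(Exception):
    pass


def validate(root: Path, rel: str) -> Path:
    """The 'check': resolve the request and confirm it stays under root.
    Returns the *unresolved* path, which is what the later open will use."""
    real_root = root.resolve()
    target = (root / rel).resolve()
    if target != real_root and real_root not in target.parents:
        raise SandboxEscape(rel)
    return root / rel


def read_vulnerable(root: Path, rel: str, swap=None) -> bytes:
    """Check, then use. `swap` is the attacker acting in the gap between the two."""
    path = validate(root, rel)
    if swap:
        swap()                    # the path now points somewhere else
    return path.read_bytes()      # the 'use' trusts the stale check


def open_hardened(root: Path, rel: str) -> int:
    """Walk rel one component at a time relative to a directory fd, refusing
    symlinks at every step (O_NOFOLLOW), so the object opened is the object
    checked. Returns an open fd for a regular file."""
    parts = PurePosixPath(rel).parts
    if not parts or PurePosixPath(rel).is_absolute() or ".." in parts:
        raise SandboxEscape(rel)
    fd = os.open(root, os.O_RDONLY | os.O_DIRECTORY)
    try:
        for comp in parts[:-1]:
            nfd = os.open(comp, os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW, dir_fd=fd)
            os.close(fd)
            fd = nfd
        ffd = os.open(parts[-1], os.O_RDONLY | os.O_NOFOLLOW, dir_fd=fd)
    except OSError as e:          # ELOOP (symlink), ENOTDIR, ENOENT: refuse
        raise SandboxEscape(f"{rel}: {e.strerror}") from e
    finally:
        os.close(fd)
    if not stat.S_ISREG(os.fstat(ffd).st_mode):
        os.close(ffd)
        raise SandboxEscape(rel)
    return ffd


def read_hardened(root: Path, rel: str, swap=None) -> bytes:
    """No separate check to race: the attacker may act at any time, but a
    symlink planted anywhere in the path makes the open itself fail."""
    if swap:
        swap()
    with os.fdopen(open_hardened(root, rel), "rb") as f:
        return f.read()


def demo() -> dict:
    """Constructed scenario: a sandbox with one file and a secret outside it."""
    out = {}
    with tempfile.TemporaryDirectory() as d:
        base = Path(d)
        root = base / "sandbox"
        root.mkdir()
        secret = base / "secret.txt"
        secret.write_bytes(b"outside-the-sandbox")
        note = root / "notes.txt"
        note.write_bytes(b"inside")

        def swap():               # attacker re-points notes.txt out of the sandbox
            note.unlink()
            note.symlink_to(secret)

        out["hardened_normal"] = read_hardened(root, "notes.txt")
        out["vulnerable_leak"] = read_vulnerable(root, "notes.txt", swap)
        note.unlink()
        note.write_bytes(b"inside")
        for key, rel, hook in (("hardened_after_swap", "notes.txt", swap),
                               ("hardened_dotdot", "../secret.txt", None)):
            try:
                read_hardened(root, rel, hook)
                out[key] = "read"
            except SandboxEscape:
                out[key] = "refused"
    return out


if __name__ == "__main__":
    print(demo())
```

The vulnerable reader returns the secret from outside the sandbox because the swap happens after validate() has already said yes; the hardened reader refuses the same request because the open itself will not follow the planted symlink, and refuses traversal outright. Two caveats a reviewer would raise: hard links to files outside the root are not caught by this walk (they are on the same filesystem and look like regular files), so the sandbox root should sit on its own mount or be populated by a process that cannot create them; and resolving once and then passing a string path to a later open, as validate() does, is the exact shape to look for when auditing any filesystem bridge.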

CVE-2026-6823 (8.2 HIGH)

HKUDS OpenHarness ships with an insecure default configuration whose wildcard permissions let arbitrary remote senders bypass access controls. In default deployments this can lead to unauthorized file disclosure and a compromised agent runtime; any deployment that never tightened the shipped permissions should be treated as exposed.

CVE-2026-34309 (8.1 HIGH)

PeopleSoft Enterprise PeopleTools vulnerability in the Security component that allows a low-privileged attacker to perform unauthorized data manipulation over HTTP. Versions 8.61 through 8.62 are affected, and the flaw is marked as easily exploitable.


Headline News

KelpDAO Hack Triggers $14 Billion DeFi Exodus

One of the largest DeFi exploits of 2026 has sent shockwaves through decentralised finance, with roughly $14 billion in capital fleeing the ecosystem in the wake of the KelpDAO hack. While Bitcoin itself stabilised above $76,000, the broader DeFi market is absorbing the kind of trust collapse that follows a high-profile protocol breach — and this one is severe. For security practitioners, the incident is a reminder that smart contract audits remain insufficient when economic incentives attract sufficiently motivated adversaries. The timing, coinciding with elevated geopolitical tensions involving Iran, adds complexity to attribution and incident response. Expect protocol teams across the ecosystem to be revisiting their emergency pause mechanisms and multisig governance controls this week.

France's National ID Platform Hit, Passport and Licence Data Potentially Exposed

France's Agence Nationale des Titres Sécurisés (ANTS) — the government platform handling applications for passports, national ID cards, residence permits, and driving licences — has been struck by a cyberattack, with a possible data breach affecting citizens who submitted personal documents through the system. The sensitivity of the exposed data is considerable: ANTS processes the kind of identity documentation that fuels downstream fraud, social engineering, and targeted phishing for years after a breach. French authorities have acknowledged the incident without confirming the full scope of compromised records. For practitioners managing identity-adjacent infrastructure, this is a timely reminder that government portals carrying high-value identity data remain high-priority targets — and that breach notification timelines in this sector often lag well behind the actual event.

Vercel Discloses Breach Affecting Customer Data

Vercel, the developer tooling platform widely used for frontend deployments and CI/CD pipelines, has disclosed that an attacker accessed and exfiltrated a limited amount of customer data. The breach is notable not just for the company's scale — Vercel was valued at $9.3 billion last year — but for its position in the software supply chain. Developers trust Vercel with environment variables, deployment secrets, and access tokens that can cascade into production environments if mishandled. The company disclosed the incident without specifying how access was initially obtained, which is the detail practitioners most need. Security teams with Vercel-dependent pipelines should be auditing environment variable exposure and rotating any credentials that may have been in scope.


Schrödinger's Feed

AES-128 Gets a Reprieve From the Quantum Threat

Fresh cryptanalysis work is offering some measured reassurance: AES-128 appears likely to remain secure against quantum attack, according to new findings from a cryptologist examining Grover's algorithm applied at scale. The conclusion isn't that quantum computers pose no threat to symmetric cryptography. Grover's algorithm does halve the effective key length, to roughly 2^64 iterations for AES-128, but those iterations are inherently sequential, each one has to evaluate the full cipher as a reversible circuit, and spreading the search across more machines buys only a square-root gain. The practical overhead required to break AES-128 by quantum means therefore remains prohibitively large even with projected hardware advances. This doesn't change the calculus for public-key cryptography, where quantum threats are far more immediate and NIST's post-quantum standards remain urgently relevant. Practitioners should take this as confirmation that their symmetric key hygiene matters, but not as a reason to slow PQC migration timelines on the asymmetric side of the house.
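The parallel-Grover cost accounting that underlies conclusions of this kind, added here as an illustration: it is the standard NIST-style argument, not the cited cryptanalysis, and the depth budget D = 2^40 is NIST's illustrative MAXDEPTH figure for the number of gates a quantum computer might execute serially in a year.

$$N = 2^{128}, \qquad \text{sequential Grover iterations} \approx \frac{\pi}{4}\sqrt{N} \approx 2^{64}$$

Splitting the keyspace across $p$ independent machines, each searching $N/p$ keys:

$$\text{iterations per machine} = \sqrt{N/p}, \qquad \text{total iterations} = p\sqrt{N/p} = \sqrt{pN}$$

To finish within a depth budget $D$ (at most $D$ sequential AES evaluations per machine):

$$\sqrt{N/p} \le D \;\Rightarrow\; p \ge \frac{N}{D^{2}}, \qquad \text{total work} = \sqrt{pN} = \frac{N}{D}$$

With $D = 2^{40}$ this is $p = 2^{48}$ machines running in lockstep and $2^{88}$ reversible AES-128 evaluations in total, each of which is itself a sizeable circuit. The square-root term is the whole story: adding hardware recovers only $\sqrt{p}$, so the quadratic speedup cannot be bought back with parallelism, which is why a MAXDEPTH constraint leaves AES-128 well out of reach.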


/dev/random

Someone Built an Open-Source AI Gateway in Go, and the Internet Noticed

GoModel, an open-source AI gateway written in Go, surfaced on Hacker News this week and pulled respectable attention for a project that essentially acts as a routing and abstraction layer for AI model APIs. It's the kind of tool that makes sense in a world where engineering teams are stitching together half a dozen model providers and need something to sit in the middle. Whether it belongs in production before a thorough security review of how it handles API keys and upstream credentials is, of course, a separate and more interesting question. The name GoModel also raises the eternal question of whether Go developers are legally required to include the word "Go" in every project title.