Lucene search

118 matches found

OSV
added 2026/03/26 7:8 p.m. | 2 views

GHSA-QM9X-V7CX-7RQ4 OpenClaw's system.run allowlist can be bypassed through an unregistered time dispatch wrapper

Summary Allow-always exec approvals did not unwrap /usr/bin/time, so an unregistered time wrapper could bypass executable binding and reuse approval state for the inner command. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.3.22 - Latest released tag checked: v2026.3.23-...

CVSS 8.8 | AI score 5.9 | EPSS 0.00059
Exploits 0 | References 6

RedhatCVE
added 2026/03/26 3:10 p.m. | 2 views

CVE-2026-32023

OpenClaw versions prior to 2026.2.24 contain an approval gating bypass vulnerability in system.run allowlist mode where nested transparent dispatch wrappers can suppress shell-wrapper detection. Attackers can exploit this by chaining multiple dispatch wrappers like /usr/bin/env to execute /bin/sh...

CVSS 8.8 | AI score 5.9 | EPSS 0.00058
Exploits 0 | References 1

CVE
added 2025/08/28 9:2 p.m. | 9 views

CVE-2025-9586

CVE-2025-9586 affects Comfast CF-N1 firmware version 2.6.0. The vulnerability resides in the wireless_device_dissoc function of /usr/bin/webmgnt, where manipulating the mac argument leads to command injection. Exploitation appears feasible remotely, and public PoCs/exploits exist. Multiple connec...

CVSS 8.8 | AI score 6.4 | EPSS 0.00846
Exploits 1 | References 4 | Affected Software 1

CNNVD
added 2025/08/28 12:0 a.m. | 2 views

COMFAST CF-N1 security vulnerability

COMFAST CF-N1 is a wireless router from China Four Seas Zonglian COMFAST. A security vulnerability exists in COMFAST CF-N1 version 2.6.0, which originates from a command injection due to incorrect operation of the parameter phyinterface in the file /usr/bin/webmgnt...

CVSS 9.8 | AI score 6.8 | EPSS 0.01006
Exploits 1 | References 5

SUSE Linux
added 2025/04/02 9:38 a.m. | 2 views

Security update for apparmor

This update for apparmor fixes the following issue: Allow dovecot-auth to execute unix check password from /sbin, not only from /usr/bin bsc1234452. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...

AI score 7.7
Exploits 0 | References 2

Cvelist
added 2024/09/11 12:0 a.m. | 13 views

CVE-2024-44466

COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub424CB4. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter iface...

EPSS 0.38954
Exploits 1 | References 1

OSV
added 2024/08/19 11:16 a.m. | 10 views

SUSE-SU-2024:2959-1 Security update for python3

This update for python3 fixes the following issues: - CVE-2024-4032: Fixed incorrect IPv4 and IPv6 private ranges bsc1226448. - Stop using %%defattr, it seems to be breaking proper executable attributes on /usr/bin/ scripts bsc1227378...

CVSS 7.5 | AI score 6.5 | EPSS 0.01127
Exploits 0 | References 4

Zero Day Initiative
added 2024/05/31 12:0 a.m. | 17 views

Lexmark CX331adwe Firmware Downgrade Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX331adwe printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /usr/bin/hydra service, which listens on TCP port 9100 by...

CVSS 6.3 | AI score 7.3 | EPSS 0.0002
Exploits 0 | References 1

Cent OS
added 2024/01/12 7:19 p.m. | 192 views

java security update

CentOS Errata and Security Advisory CESA-2023:5761 An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detaile...

CVSS 5.3 | AI score 6.5 | EPSS 0.00172
Exploits 0 | References 7

RedHat Linux
added 2023/10/18 11:4 p.m. | 67 views

Moderate: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having ...

CVSS 5.3 | AI score 6.5 | EPSS 0.00172
Exploits 0 | References 4

RedHat Linux
added 2023/10/18 11:2 p.m. | 31 views

Moderate: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVSS 5.3 | AI score 6.5 | EPSS 0.00172
Exploits 0 | References 4

AlmaLinux
added 2023/10/18 12:0 a.m. | 46 views

Moderate: java-1.8.0-openjdk security update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: OpenJDK: segmentation fault in ciMethodBlocks CVE-2022-40433 OpenJDK: IOR deserialization issue in CORBA 8303384 CVE-2023-22067 OpenJDK: certificate path...

CVSS 5.3 | AI score 5.8 | EPSS 0.00172
Exploits 0 | References 8

Cvelist
added 2023/08/15 12:0 a.m. | 11 views

CVE-2023-38866

COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub415588. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter interface and displayname...

AI score 10 | EPSS 0.0109
Exploits 1 | References 1

Oracle linux
added 2023/01/24 12:0 a.m. | 39 views

libXpm security update

3.5.12-9 - Fix CVE-2022-46285: infinite loop on unclosed comments 2161800 - Fix CVE-2022-44617: runaway loop with width of 0 2161808 - Fix CVE-2022-4883: compression depends on /usr/local/bin:/usr/bin 2160238...

CVSS 8.8 | AI score 1.6 | EPSS 0.00184
Exploits 2

Cvelist
added 2022/05/02 12:35 p.m. | 16 views

CVE-2022-28571

D-link 882 DIR882A1FW130B06 was discovered to contain a command injection vulnerability in /usr/bin/cli...

AI score 10 | EPSS 0.17366
Exploits 1 | References 2

Cvelist
added 2022/03/18 11:16 a.m. | 9 views

CVE-2022-24595

Automotive Grade Linux Kooky Koi 11.0.0, 11.0.1, 11.0.2, 11.0.3, 11.0.4, and 11.0.5 is affected by Incorrect Access Control in usr/bin/afb-daemon. To exploit the vulnerability, an attacker should send a well-crafted HTTP or WebSocket request to the socket listened by the afb-daemon process. No...

AI score 9.6 | EPSS 0.02717
Exploits 1 | References 1

CVE
added 2022/03/18 11:16 a.m. | 110 views

CVE-2022-24595

CVE-2022-24595 affects Automotive Grade Linux Kooky Koi versions 11.0.0–11.0.5. The root cause is Incorrect Access Control in /usr/bin/afb-daemon. An attacker can exploit by sending a crafted HTTP (or WebSocket) request to the socket listened by the afb-daemon process, with no credentials or user...

CVSS 9.8 | AI score 9.2 | EPSS 0.02717
Exploits 1 | References 1 | Affected Software 1

Oracle linux
added 2021/11/16 12:0 a.m. | 44 views

babel security and bug fix update

2.5.1-7 - Include the /usr/bin/pybabel binary that runs on Python 3.6 in the python3-babel package Resolves: rhbz1967173 2.5.1-6 - Fix CVE-2021-20095 Resolves: rhbz1955615...

CVSS 7.8 | AI score 7.8 | EPSS 0.00169
Exploits 1

Exploit DB
added 2019/01/12 12:0 a.m. | 31 views

ASAN/SUID - Local Privilege Escalation

!/bin/bash unsanitary.sh - ASAN/SUID Local Root Exploit Exploits er, unsanitized env var passing in ASAN which leads to file clobbering as root when executing setuid root binaries compiled with ASAN. Uses an overwrite of /etc/ld.so.preload to get root on a vulnerable system. Supply your own targe...

AI score 7.4
Exploits 0

Tenable Nessus
added 2018/03/12 12:0 a.m. | 22 views

Solaris 10 (sparc) : 141014-01

SunOS 5.10: /usr/bin/dircmp patch. Date this patch was last updated by Sun : Mar/19/09 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

CVSS 4.4 | AI score 6.7 | EPSS 0.00035
Exploits 0 | References 2