CVE-2026-41915

OpenClaw before 2026.4.8 fails to remove git plumbing environment variables from the execution environment before host exec operations. Attackers can exploit this by setting GITDIR and related variables to redirect git operations and compromise repository integrity...

@0xwork/connect (>=0.1.0 <=0.1.7), @agentholdings/agent-passport (>=0.1.0 <=0.1.5) +21 more potentially affected by CVE-2026-41915 via openclaw (>=2026.3.22 <=2026.4.5)

openclaw NPM version =2026.3.22, =0.1.0, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =0.0.0, =27.2.5, =1.1.0, =2.1.3, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =0.2.18 and more Source cves: CVE-2026-41915 Source advisory: SNYK:JS-OPENCLAW-15989080...

@0xwork/connect (>=0.1.0 <=0.1.7), @agentholdings/agent-passport (>=0.1.0 <=0.1.5) +22 more potentially affected by CVE-2026-41915 via openclaw (>=0.0.1 <=2026.4.5)

openclaw NPM version =0.0.1, =0.1.0, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =0.0.0, =27.2.5, =1.1.0, =2.1.3, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =0.2.18 and more Source cves: CVE-2026-41915 Source advisory: OSV:GHSA-CM8V-2VH9-CXF3...

CLSA-2025-1763123299 pmix: Fix of CVE-2023-41915

CVE-2023-41915: prevent attackers from obtaining ownership of arbitrary files by fixing race condition during execution of library code with UID 0...

EUVD-2025-41915

Malicious code in surya-kacang87-breki npm...

TencentOS Server 3: pmix (TSSA-2024:0189)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0189 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

TencentOS Server 4: pmix (TSSA-2024:0367)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0367 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVE-2022-41915

Netty project is an event-driven asynchronous network application framework. Starting in version 4.1.83.Final and prior to 4.1.86.Final, when calling DefaultHttpHeadesr.set with an iterator of values, header value validation was not performed, allowing malicious header values in the iterator to...

Alibaba Cloud Linux 3 : 0090: pmix (ALINUX3-SA-2024:0090)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0090 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-41915: OpenPMIx PMIx before 4.2.6 and 5.0....

pmix security update

An update is available for pmix. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Process Management Interface PMI provides process management functions for M...

RLSA-2024:2199 Important: pmix security update

The Process Management Interface PMI provides process management functions for MPI implementations. PMI Exascale PMIx provides an extended version of the PMI standard specifically designed to support clusters up to and including exascale sizes. Security Fixes: pmix: race condition allows attacker...

RockyLinux 9 : pmix (RLSA-2024:2199)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:2199 advisory. pmix: race condition allows attackers to obtain ownership of arbitrary files CVE-2023-41915 Tenable has extracted the preceding description block directly from th...

Oracle Siebel Server <= 23.5 (July 2023 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2023 CPU advisory. - Vulnerability in the Siebel CRM product of Oracle Siebel CRM component: EAI JSON-java. Supported versions that are affected are 23.5 and prior...

Security Bulletin: IBM SPSS Analytic Server is affected by vulnerability in Netty (CVE-2022-41915)

Summary Netty is used by IBM SPSS Analytic Server. The latest patch includes Netty 4.1.109.Final to fix the vulnerability. Vulnerability Details CVEID:CVE-2022-41915 DESCRIPTION: Netty is vulnerable to HTTP response splitting attacks, caused by a flaw when calling DefaultHttpHeaders.set with an...

CVE-2024-41915

creationtimestamp| type| source ---|---|--- 2024-07-30 19:55:45+00:00| seen| https://t.me/cvedetector/2053...

Oracle Database Server (Jul 2024 CPU)

The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory. - Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be...

RLSA-2024:3008 Important: pmix security update

The Process Management Interface PMI provides process management functions for MPI implementations. PMI Exascale PMIx provides an extended version of the PMI standard specifically designed to support clusters up to and including exascale sizes. Security Fixes: pmix: race condition allows attacker...

Oracle Linux 8 : pmix (ELSA-2024-3008)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3008 advisory. - Fix CVE-2023-41915 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...

pmix security update

2.2.5-3 - Add gating test - Resolves: RHEL-3692 2.2.5-2 - Fix CVE-2023-41915 - Resolves: RHEL-3692...

RHEL 8 : pmix (RHSA-2024:3008)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3008 advisory. The Process Management Interface PMI provides process management functions for MPI implementations. PMI Exascale PMIx provides an extended version of...