EUVD-2026-29142

OpenClaw before 2026.4.22 contains a security envelope constraint bypass vulnerability allowing restricted subagents to spawn ACP child sessions that fail to inherit depth, child-count limits, control scope, or target-agent restrictions. Attackers can exploit this by spawning child sessions that...

NPM: OpenClaw's ACP child sessions inherit subagent security envelope constraints

NPM: OpenClaw's ACP child sessions inherit subagent security envelope constraints vulnerability discovered by ? in WordPress Npm openclaw versions = 2026.4.21...

OpenClaw's ACP child sessions inherit subagent security envelope constraints

Summary ACP child sessions inherit subagent security envelope constraints. Affected Packages / Versions - Package: openclaw npm - Affected versions: = 2026.4.21 - Fixed version: 2026.4.22 Impact A restricted subagent spawning an ACP child session could fail to carry forward subagent-only...

TeamSpeak 2 Interface - Cross Site Scripting (Client)

Document Title: =============== TeamSpeak 2 Interface - Cross Site Scripting Client References: =========== View: http://www.youtube.com/watch?v=ybE8qgMJ09o Release Date: ============= 2011-08-04 Vulnerability Laboratory ID VL-ID: ==================================== 245 Discovery Status:...