CVE-2026-35651

OpenClaw OpenClaw 2026.2.13 through 2026.3.24 contains an ANSI escape sequence injection vulnerability in approval prompts. Untrusted tool metadata can carry ANSI control sequences into approval prompts and permission logs, enabling attackers to spoof terminal output by manipulating displayed inf...

DEBIAN-CVE-2012-3867

lib/puppet/ssl/certificateauthority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a Certificate Signing Request CSR, which makes it easier for user-assisted remote attackers to trick...