12 matches found
CVE-2026-53845
OpenClaw prior to version 2026.5.6 has a hook bypass in the skill-command dispatch path, where commands routed through the affected path skip the before-tool-call hook coverage, potentially bypassing auditing and policy enforcement. This is described in the CVE entry as a dispatch hook bypass vul...
PT-2026-49762
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.6 Description A hook bypass issue exists where skill commands routed through a specific dispatch path skip the runBeforeToolCallHook coverage. This allows attackers to send skill commands through the affected...
cpython: CPython: Logging Bypass in Legacy .pyc File Handling
A flaw was found in CPython. This vulnerability allows a local user with low privileges to bypass security auditing mechanisms. The issue occurs because the SourcelessFileLoader component, responsible for handling older Python compiled files .pyc, does not properly trigger system audit events. Th...
cpython: CPython: Logging Bypass in Legacy .pyc File Handling
A flaw was found in CPython. This vulnerability allows a local user with low privileges to bypass security auditing mechanisms. The issue occurs because the SourcelessFileLoader component, responsible for handling older Python compiled files .pyc, does not properly trigger system audit events. Th...
cpython: CPython: Logging Bypass in Legacy .pyc File Handling
A flaw was found in CPython. This vulnerability allows a local user with low privileges to bypass security auditing mechanisms. The issue occurs because the SourcelessFileLoader component, responsible for handling older Python compiled files .pyc, does not properly trigger system audit events. Th...
CVE-2026-35366 uutils coreutils printenv Security Inspection Bypass via UTF-8 Enforcement
The printenv utility in uutils coreutils fails to display environment variables containing invalid UTF-8 byte sequences. While POSIX permits arbitrary bytes in environment strings, the uutils implementation silently skips these entries rather than printing the raw bytes. This vulnerability allows...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001096)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001096 advisory. Race condition in the auditlogsingleexecvearg function in kernel/auditsc.c in the Linux kernel through 4.7 allows local users to bypass intended character-set...
EUVD-2007-4286
Malware in sbrugna...
Zammad Access Control Error Vulnerability
Zammad is a Web-based open source helpdesk/customer support system. An access control error vulnerability exists in Zammad versions prior to 3.5.1. An attacker can exploit this vulnerability to bypass auditing and change Ticket Article data via REST API calls...
Zammad 安全漏洞
Zammad is a Web-based open source helpdesk/customer support system. An access control error vulnerability exists in Zammad versions prior to 3.5.1. An attacker can exploit this vulnerability to bypass auditing and change Ticket Article data via REST API calls...
Apache Impala Access Control Error Vulnerability
Apache Impala is the United States Apache Apache Software Foundation of a large-scale, distributed parallel processing database query system. The system is able to query the Hadoop big data analytics software stored in HDFS distributed file system and HBase database in the petabyte of big data. A...
CVE-2007-4302
CVE-2007-4302 concerns the Generic Software Wrappers Toolkit (GSWTK), where multiple race conditions in certain system call wrappers allow a local attacker to defeat system call interposition and potentially gain privileges or bypass auditing. The affected component is the GSWTK system call wrapp...