GHSA-WJ55-88GF-X564 OpenClaw may have stale policy enforcement for queued node actions
Summary Queued node actions were not revalidated against current command policy when later delivered, so stale allowlists or declarations could survive policy tightening. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.3.22 - Latest released tag checked: v2026.3.23-2...
OpenClaw may have stale policy enforcement for queued node actions
Summary Queued node actions were not revalidated against current command policy when later delivered, so stale allowlists or declarations could survive policy tightening. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.3.22 - Latest released tag checked: v2026.3.23-2...
CVE-2025-68331
In the Linux kernel, the following vulnerability has been resolved: usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer When a UAS device is unplugged during data transfer, there is a probability of a system panic occurring. The root cause is an access to ...
EUVD-2015-3727
Malware in sbrugna...
scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs
...
The vulnerability of the FortiIsolator browser isolation platform arises from the lack of measures taken to neutralize special elements used in the operating system’s command set. This vulnerability allows attackers to execute arbitrary code.
The vulnerability of the FortiIsolator browser isolation platform exists due to the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially created HTTP...
A vulnerability in Dell Unity Operating Environment, the operating environment for managing and maintaining data storage, allows attackers to escalate their privileges, execute arbitrary commands, and gain full control over the application. This vulnerability arises from the lack of measures taken to neutralize special elements used in the operating system’s command set.
The vulnerability in Dell Unity Operating Environment, the operating system for data storage management and operation, is related to the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability can allow a malicious actor to...
A vulnerability in the firmware of Edimax IC-7100 IP cameras arises from the lack of measures to neutralize special elements used in the operating system’s command set. This allows intruders to execute arbitrary code.
The vulnerability in the firmware of the Edimax IC-7100 IP camera is related to the lack of measures taken to neutralize special elements used in the operating system’s command structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending specially crafted...
PT-2024-9474 · Advantech · Advantech Eki-6333Ac-2G +1
Name of the Vulnerable Software and Affected Versions: Advantech EKI-6333AC-2G versions 1.6.3 and earlier Advantech EKI-6333AC-2GD versions 1.6.3 and earlier Advantech EKI-6333AC-1GPO versions 1.2.1 and earlier Description: The issue exists due to the lack of neutralization of special elements us...
The vulnerability of Ivanti Connect Secure and Ivanti Policy Secure, which are network access control tools, stems from the failure to take measures to neutralize special elements used in the operating system’s command set. This allows attackers to execute arbitrary code.
The vulnerability of the Ivanti Connect Secure and Ivanti Policy Secure network access control tools is related to the failure to take measures to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary co...
The vulnerability of Microsoft DeepSpeed’s optimization library, related to the failure to take measures to neutralize special elements used in the operating system’s command set, allows attackers to execute arbitrary code.
The vulnerability of Microsoft DeepSpeed’s optimization library relates to the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability can allow attackers to execute arbitrary code...
Description of the security update for SharePoint Server Subscription Edition: July 9, 2024 (KB5002606)
Description of the security update for SharePoint Server Subscription Edition: July 9, 2024 KB5002606 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability, Microsoft SharePoint remote code execution vulnerability, and Microsoft SharePoint Server...
The vulnerability of the automated support tool for Lenovo Service Bridge (LSB) arises from the lack of measures taken to neutralize special elements used in the operating system’s command set. This allows attackers to escalate their privileges and execute arbitrary commands.
The vulnerability of the Lenovo Service Bridge LSB automated support tool is related to the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability can allow a malicious actor to increase their privileges and execute arbitrar...
A vulnerability in the HTTP service of the D-Link G416 firmware allows a hacker to execute arbitrary code.
The vulnerability in the HTTP service of the firmware used in D-Link G416 routers exists due to the lack of measures taken to neutralize the special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary code throug...
DEBIAN-CVE-2023-52702
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix possible memory leak in ovs_meter_cmd_set() old_meter needs to be free after it is detached regardless of whether the new meter is successfully attached...
UBUNTU-CVE-2023-52702
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix possible memory leak in ovs_meter_cmd_set() old_meter needs to be free after it is detached regardless of whether the new meter is successfully attached...
CVE-2023-52702
CVE-2023-52702 corresponds to a Linux kernel issue in net: openvswitch where ovs_meter_cmd_set() can leak memory because old_meter is not freed after detachment if the new meter attach succeeds or fails. The publicly provided connected Astra Linux bulletin mirrors this vulnerability and confirms ...
The vulnerability of the svc_supportassist utility in the operating system for managing and maintaining data storage in the Dell Unity Operating Environment allows a malicious actor to execute arbitrary commands with root privileges.
The vulnerability of the svc_supportassist utility in the operating environment for managing and maintaining data storage in the Dell Unity Operating Environment exists due to the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this...
The vulnerability of the CMS system BaserCMS arises from the lack of measures taken to neutralize special elements used in the operating system’s command set, allowing attackers to execute arbitrary commands.
The vulnerability of the CMS system BaserCMS exists due to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
The vulnerability of the FortiSIEM security management system arises from the failure to take measures to neutralize special elements used in the operating system’s command set. This allows attackers to execute arbitrary commands.
The vulnerability of the FortiSIEM security management system exists due to the failure to take measures to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely by sending specially...