CVE-2026-41338 OpenClaw < 2026.3.31 - Time-of-Check-Time-of-Use (TOCTOU) Vulnerability in Sandbox File Operations

OpenClaw before 2026.3.31 contains a time-of-check-time-of-use vulnerability in sandbox file operations that allows attackers to bypass fd-based defenses. Attackers can exploit check-then-act patterns in applypatch, remove, and mkdir operations to manipulate files between validation and execution...

GHSA-RM5C-4RMF-VVHW OpenClaw: Sandbox file operations use check-then-act, bypassing fd-based TOCTOU defenses

Summary Sandbox file operations use check-then-act, bypassing fd-based TOCTOU defenses Current Maintainer Triage - Status: narrow - Normalized severity: medium - Assessment: Released workspace-only applypatch remove and mkdir operations were still check-then-act, but the draft overstates scope by...

CVE-2025-69783

A local attacker can bypass OpenEDR's 2.5.1.0 self-defense mechanism by renaming a malicious executable to match a trusted process name e.g., csrss.exe, edrsvc.exe, edrcon.exe. This allows unauthorized interaction with the OpenEDR kernel driver, granting access to privileged functionality such as...

API Security for AI Agents: Why Protection Has Never Been More Important.

For years, a lot of risky APIs survived simply because they were hard to find. They weren’t documented. Only a handful of engineers knew the endpoints. And if an attacker wanted to abuse them, they had to spend real time reverse‑engineering traffic and guessing how things worked. That “security b...

Exploiting Layer-Specific Vulnerabilities to Backdoor Attack in Federated Learning

Federated learning FL enables distributed model training across edge devices while preserving data locality. This decentralized approach has emerged as a promising solution for collaborative learning on sensitive user data, effectively addressing the longstanding privacy concerns inherent in...

EUVD-2021-10817

Malware in sbrugna...

EUVD-2021-32112

Malicious code in bioql PyPI...

EUVD-2021-2996

Malicious code in bioql PyPI...

ShadowLeak Exploit Exposed Gmail Data Through ChatGPT Agent

Radware researchers revealed a service-side flaw in OpenAI's ChatGPT. The ShadowLeak attack had used indirect prompt injection to bypass defences and leak sensitive data, but the issue has since been fixed...

Advancing Jailbreak Strategies: a Hybrid Approach to Exploiting LLM Vulnerabilities and Bypassing Modern Defenses

The advancement of Pre-Trained Language Models PTLMs and Large Language Models LLMs has led to their widespread adoption across diverse applications. Despite their success, these models remain vulnerable to attacks that exploit their inherent weaknesses to bypass safety measures. Two primary...

Context Manipulation Attacks : Web Agents Are Susceptible to Corrupted Memory

Autonomous web navigation agents, which translate natural language instructions into sequences of browser actions, are increasingly deployed for complex tasks across e-commerce, information retrieval, and content discovery. Due to the stateless nature of large language models LLMs, these agents...

CVE-2023-26237

An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to bypass the defensive capabilities by adding a registry key as SYSTEM...

CVE-2021-23874

Arbitrary Process Execution vulnerability in McAfee Total Protection MTP prior to 16.0.30 allows a local user to gain elevated privileges and execute arbitrary code bypassing MTP self-defense...

CVE-2021-45339

Privilege escalation vulnerability in Avast Antivirus prior to 20.4 allows a local user to gain elevated privileges by "hollowing" trusted process which could lead to the bypassing of Avast self-defense...

SFIBA: Spatial-Based Full-Target Invisible Backdoor Attacks

Multi-target backdoor attacks pose significant security threats to deep neural networks, as they can preset multiple target classes through a single backdoor injection. This allows attackers to control the model to misclassify poisoned samples with triggers into any desired target class during...

CVE-2024-5211

CVE-2024-5211 : Concrete details across multiple sources show a path traversal vulnerability in mintplex-labs/anything-llm. By bypassing the normalizePath() check during the logo-setting flow, an attacker can read, delete, or overwrite the file anythingllm.db and other files in the storage direct...

CVE-2023-26237

An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to bypass the defensive capabilities by adding a registry key as SYSTEM...

SUSE CVE-2019-11761

By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of existing defense in depth mechanisms. This vulnerability affects Firefox 70,...

SUSE CVE-2021-0938

In memzeroexplicit of compiler-clang.h, there is a possible bypass of defense in depth due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2021-45339

Privilege escalation vulnerability in Avast Antivirus prior to 20.4 allows a local user to gain elevated privileges by "hollowing" trusted process which could lead to the bypassing of Avast self-defense...