27 matches found
CVE-2026-41388 OpenClaw < 2026.3.31 - Configuration Rehydration via Empty-Array Revocation Handling
OpenClaw before 2026.3.31 contains a configuration management vulnerability where startup migration treats empty-array settings as missing values. Attackers can restart the application to rehydrate revoked Tlon configuration from file state, bypassing intended revocation controls...
GHSA-3PM9-5J7M-59VC OpenClaw: Tlon Startup Migration Rehydrates Empty-Array Revocations From File Config
Summary Tlon Startup Migration Rehydrates Empty-Array Revocations From File Config Current Maintainer Triage - Status: open - Normalized severity: low - Assessment: v2026.3.28 startup migration still treats empty-array settings as missing and can rehydrate revoked Tlon config from file state afte...
OpenClaw: Tlon Startup Migration Rehydrates Empty-Array Revocations From File Config
Summary Tlon Startup Migration Rehydrates Empty-Array Revocations From File Config Current Maintainer Triage - Status: open - Normalized severity: low - Assessment: v2026.3.28 startup migration still treats empty-array settings as missing and can rehydrate revoked Tlon config from file state afte...
CVE-2022-38475
An attacker could have written a value to the first element in a zero-length JavaScript array. Although the array was zero-length, the value was not written to an invalid memory address. This vulnerability affects Firefox 104...
EUVD-2018-19275
Malware in sbrugna...
EUVD-2024-36203
Malicious code in bioql PyPI...
EUVD-2024-36196
Malicious code in bioql PyPI...
Malicious code in new-empty-array (npm)
The package new-empty-array was found to contain malicious code...
MAL-2025-27360 Malicious code in new-empty-array (npm)
The package new-empty-array was found to contain malicious code...
PT-2025-29027
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to the ASoC Advanced Linux Sound Architecture Intel audio subsystem. Specifically, the parse int array function does not adequately validate t...
Malicious code in empty-array-validator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 349e81874005a4e4ed11f5e452324e817f3fc61d4a22f5237445d562df83fb60 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-2307 Malicious code in empty-array-validator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 349e81874005a4e4ed11f5e452324e817f3fc61d4a22f5237445d562df83fb60 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-36743
An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service DoS when an empty array is processed with oneflow.dot...
CVE-2024-36732
An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service DoS when an empty array is processed with oneflow.tensordot...
CVE-2024-27047
...
CVE-2024-36732
An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service DoS when an empty array is processed with oneflow.tensordot...
CVE-2024-36743
An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service DoS when an empty array is processed with oneflow.dot...
CVE-2024-36743
An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service DoS when an empty array is processed with oneflow.dot...
CVE-2024-36743
An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service DoS when an empty array is processed with oneflow.dot...
CVE-2024-27047
A vulnerability was found in the Linux kernel's net driver phydevice.c in the phygetinternaldelay function, where a lack of proper checks can cause a potential NULL pointer dereference to occur when the function attempts to access an empty array. The error occurs if the driver calls...