1395 matches found
[SECURITY] [DLA 4544-1] ntfs-3g security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4544-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz April 21, 2026 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 6221-1] ntfs-3g security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6221-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 21, 2026 https://www.debian.org/security/faq -...
EUVD-2026-23931
OpenClaw versions 2026.4.7 before 2026.4.15 fail to enforce local-root containment on tool-result media paths, allowing arbitrary local and UNC file access. Attackers can craft malicious tool-result media references to trigger host-side file reads or Windows network path access, potentially...
GHSA-QC5J-2MQX-X83Q Duplicate Advisory: OpenClaw: Webchat media embedding enforces local-root containment for tool-result files
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-mr34-9552-qr95. This link is maintained to preserve external references. Original Description OpenClaw versions 2026.4.7 before 2026.4.15 fail to enforce local-root containment on tool-result media paths, allowi...
CVE-2026-41389
OpenClaw versions 2026.4.7 before 2026.4.15 fail to enforce local-root containment on tool-result media paths, allowing arbitrary local and UNC file access. Attackers can craft malicious tool-result media references to trigger host-side file reads or Windows network path access, potentially...
CVE-2026-41389 OpenClaw 2026.4.7 < 2026.4.15 - Arbitrary File Read via Unvalidated Tool-Result Media Paths
OpenClaw versions 2026.4.7 before 2026.4.15 fail to enforce local-root containment on tool-result media paths, allowing arbitrary local and UNC file access. Attackers can craft malicious tool-result media references to trigger host-side file reads or Windows network path access, potentially...
CVE-2026-41389
OpenClaw versions 2026.4.7 before 2026.4.15 fail to enforce local-root containment on tool-result media paths, allowing arbitrary local and UNC file access. Attackers can craft malicious tool-result media references to trigger host-side file reads or Windows network path access, potentially...
Debian dla-4533 : libnss-myhostname - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4533 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4533-1 [email protected]...
PT-2026-33823
OpenClaw versions 2026.4.7 before 2026.4.15 fail to enforce local-root containment on tool-result media paths, allowing arbitrary local and UNC file access. Attackers can craft malicious tool-result media references to trigger host-side file reads or Windows network path access, potentially...
GHSA-MR34-9552-QR95 OpenClaw: Webchat media embedding enforces local-root containment for tool-result files
Summary Webchat tool-result media normalization could pass local and UNC-style file paths into the host-side media embedding path without applying the configured local-root containment policy. Impact A crafted tool-result media reference could cause the host to attempt local file reads or Windows...
OpenClaw: Webchat media embedding enforces local-root containment for tool-result files
Summary Webchat tool-result media normalization could pass local and UNC-style file paths into the host-side media embedding path without applying the configured local-root containment policy. Impact A crafted tool-result media reference could cause the host to attempt local file reads or Windows...
CVE-2026-35072
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper neutralization of special elements used in an OS command 'OS command injection' vulnerability. A high...
Linux Distros Unpatched Vulnerability : CVE-2026-40225
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output. CVE-2026-40225 Note that Nessus reli...
CVE-2026-40225
A flaw was found in udev in systemd. A local user with access to malicious hardware devices can exploit this vulnerability. By providing unsanitized kernel output, the flaw allows for local root execution, leading to privilege escalation...
SUSE CVE-2026-40225
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...
EUVD-2026-21399
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...
DEBIAN-CVE-2026-40225
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...
CVE-2026-40225
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...
UBUNTU-CVE-2026-40225
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...
CVE-2026-40225
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...