Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs

Iran-affiliated cyber actors are targeting internet-facing operational technology OT devices across critical infrastructures in the U.S., including programmable logic controllers PLCs, cybersecurity and intelligence agencies warned Tuesday. "These attacks have led to diminished PLC functionality,...

EUVD-2026-19814

Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects malicious SSH...

DEBIAN-CVE-2026-4631

Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects malicious SSH...

CVE-2025-14821 Libssh: libssh: insecure default configuration leads to local man-in-the-middle attacks on windows

A flaw was found in libssh. This vulnerability allows local man-in-the-middle attacks, security downgrades of SSH Secure Shell connections, and manipulation of trusted host information, posing a significant risk to the confidentiality, integrity, and availability of SSH communications via an...

CVE-2025-14821 Libssh: libssh: insecure default configuration leads to local man-in-the-middle attacks on windows

A flaw was found in libssh. This vulnerability allows local man-in-the-middle attacks, security downgrades of SSH Secure Shell connections, and manipulation of trusted host information, posing a significant risk to the confidentiality, integrity, and availability of SSH communications via an...

CVE-2026-4631 Cockpit: cockpit: unauthenticated remote code execution due to ssh command-line argument injection

Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects malicious SSH...

CVE-2026-4631 Cockpit: cockpit: unauthenticated remote code execution due to ssh command-line argument injection

Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects malicious SSH...

CVE-2026-4631

Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects malicious SSH...

CVE-2026-4631

CVE-2026-4631 affects Cockpit: unauthenticated remote code execution via SSH command-line argument injection in the remote login flow. The web interface passes user-supplied hostnames/usernames to the SSH client without validation, allowing a network-connected attacker to send a single HTTP reque...

PT-2026-30930

OpenHarness prior to commit 166fcfe contains an improper access control vulnerability in built-in file tools due to inconsistent parameter handling in permission enforcement, allowing attackers who can influence agent tool execution to read arbitrary local files outside the intended repository...

Linux Distros Unpatched Vulnerability : CVE-2026-4631

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An...

CVE-2026-35452

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the plugin/CloneSite/client.log.php endpoint serves the clone operation log file without any authentication. Every other endpoint in the CloneSite plugin directory enforces User::isAdmin. The log contains internal filesyste...

CVE-2026-35452

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the plugin/CloneSite/client.log.php endpoint serves the clone operation log file without any authentication. Every other endpoint in the CloneSite plugin directory enforces User::isAdmin. The log contains internal filesyste...

CVE-2026-35452

WWBN AVideo (versions 26.0 and prior) is affected by CVE-2026-35452 due to unauthenticated access to CloneSite/plugin/CloneSite/client.log.php, which serves clone operation logs containing internal filesystem paths, remote server URLs, and SSH metadata. The vulnerability arises because this endpo...

PT-2026-30336

Name of the Vulnerable Software and Affected Versions AVideo versions 26.0 and prior Description The plugin/CloneSite/client.log.php endpoint serves the clone operation log file without authentication. Other endpoints in the CloneSite plugin directory enforce User::isAdmin. The log contains...

curl: ignoring 'options' when doing connection reuse

libcurl contains a significant logic flaw in its connection pool matching mechanism. When a transfer specifies a required authentication policy—such as a specific SASL mechanism e.g., ;AUTH=GSSAPI or a restricted set of SSH authentication types CURLOPTSSHAUTHTYPES—libcurl fails to verify these...

PT-2026-30245

Hirschmann HiLCOS devices OpenBAT, WLC, BAT300, BAT54 prior to 8.80 and OpenBAT prior to 9.10 are shipped with identical default SSH and SSL keys that cannot be changed, allowing unauthenticated remote attackers to decrypt or intercept encrypted management communications. Attackers can perform...

GHSA-FV94-QVG8-XQPW OpenClaw: SSH sandbox tar upload follows symlinks, enabling arbitrary file write on remote host

Summary SSH sandbox tar upload follows symlinks, enabling arbitrary file write on remote host Current Maintainer Triage - Status: open - Normalized severity: high - Assessment: Real in shipped v2026.3.28: SSH sandbox tar upload lacked pre-upload symlink escape rejection until 3d5af14984 on...

OpenClaw: SSH sandbox tar upload follows symlinks, enabling arbitrary file write on remote host

Summary SSH sandbox tar upload follows symlinks, enabling arbitrary file write on remote host Current Maintainer Triage - Status: open - Normalized severity: high - Assessment: Real in shipped v2026.3.28: SSH sandbox tar upload lacked pre-upload symlink escape rejection until 3d5af14984 on...

Improper Removal of Sensitive Information Before Storage or Transfer

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer via the process.env variable being passed unsanitized to child processes. An attacker can influence the environment of...