CVE-2026-40493

creationtimestamp| type| source ---|---|--- 2026-04-18 04:30:28+00:00| seen| https://infosec.exchange/users/offseq/statuses/116423827633920562 2026-04-18 04:30:30+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mjqm5bpu762l 2026-04-18 05:18:34+00:00| published-proof-of-concept|...

CVE-2026-40494

creationtimestamp| type| source ---|---|--- 2026-04-18 03:00:28+00:00| seen| https://infosec.exchange/users/offseq/statuses/116423473750822766 2026-04-18 03:00:30+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mjqh4dxftd2j 2026-04-18 05:18:34+00:00| published-proof-of-concept|...

CVE-2026-40572

creationtimestamp| type| source ---|---|--- 2026-04-18 01:30:27+00:00| seen| https://infosec.exchange/users/offseq/statuses/116423119797929424 2026-04-18 01:30:30+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mjqc3fc2ov2p 2026-04-18 03:16:44+00:00| published-proof-of-concept|...

CVE-2026-40258

creationtimestamp| type| source ---|---|--- 2026-04-17 23:00:15+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mjpzopfphj2a 2026-04-17 23:00:17+00:00| seen| https://infosec.exchange/users/offseq/statuses/116422528958630190 2026-04-17 23:20:15+00:00| published-proof-of-concept|...

External Control of System or Configuration Setting

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to External Control of System or Configuration Setting via the loading of workspace .env files. An attacker can manipulate runtime-control variables by crafting a malicious .env file that se...

GHSA-7WV4-CC7P-JHXC OpenClaw: Workspace .env could inject OpenClaw runtime-control variables

Summary Workspace .env could inject OpenClaw runtime-control variables. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.9 Impact A malicious workspace .env file could set OpenClaw runtime-control variables affecting update sources, gateway URLs,...

OpenClaw: Workspace .env could inject OpenClaw runtime-control variables

Summary Workspace .env could inject OpenClaw runtime-control variables. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.9 Impact A malicious workspace .env file could set OpenClaw runtime-control variables affecting update sources, gateway URLs,...

CVE-2026-32105

creationtimestamp| type| source ---|---|--- 2026-04-17 21:22:46+00:00| seen| Telegram/o-uTgZiWLI4DGr-3Qx2v6r5S9u58WJIjtqdTFR62kB0PIWs 2026-04-17 21:30:12+00:00| seen| https://infosec.exchange/users/offseq/statuses/116422175064751572 2026-04-17 21:30:14+00:00| seen|...

CVE-2026-5718

creationtimestamp| type| source ---|---|--- 2026-04-17 18:21:01+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjpk3gndxu2o 2026-04-17 19:06:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjpmmmc3zg2d 2026-04-17 19:27:20+00:00| seen|...

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: valkey: valkey-9.0.3-1.2.hum1 aarch64, x8664 valkey-compat-redis-9.0.3-1.2.hum1 noarch valkey-compat-redis-devel-9.0.3-1.2.hum1 noarch valkey-devel-9.0.3-1.2.hum1 aarch64, x8664...

CVE-2025-36568

creationtimestamp| type| source ---|---|--- 2026-04-17 10:55:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjor6crze62f 2026-04-17 11:11:04+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjos2lv65s26 2026-04-17 11:17:26+00:00| seen|...

CVE-2026-6439

creationtimestamp| type| source ---|---|--- 2026-04-17 10:23:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjopg5kzre2f 2026-04-17 11:32:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mjotaarzaz2u...

CVE-2026-23775

creationtimestamp| type| source ---|---|--- 2026-04-17 10:20:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjoparma452f 2026-04-17 11:11:10+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjos2sg6nb27 2026-04-17 11:17:26+00:00| seen|...

CVE-2026-6443

creationtimestamp| type| source ---|---|--- 2026-04-17 07:30:33+00:00| seen| https://infosec.exchange/users/offseq/statuses/116418873404290151 2026-04-17 07:30:35+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mjofqe4pc425 2026-04-17 09:15:54+00:00| seen|...

PT-2026-37016

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.9 Description An environment variable injection issue exists where malicious workspace .env files can set runtime-control variables. This allows attackers to inject variables that affect update sources, gatewa...

CVE-2026-37749

creationtimestamp| type| source ---|---|--- 2026-04-16 19:00:11+00:00| published-proof-of-concept| Telegram/jBpTD-VrkkU4blOwQXqNEQHYP3qYdnW5ne9K2E9cd5frRY 2026-04-16 21:00:04+00:00| published-proof-of-concept| Telegram/YdSs7ODl4GqLLTJMVDK5lc2sRwnfVBIE8xXSYrBaURrpR0I 2026-04-17 15:00:04+00:00|...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: openssl (UTSA-2026-007124)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007124 advisory. Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications...

DataEase 安全漏洞

DataEase is an open-source data visualization and analysis tool developed by DataEase. It helps users quickly analyze data and gain insights into business trends, thereby enabling improvements and optimizations in their businesses. DataEase versions 2.10.20 and earlier contain security...

CVE-2026-6388

creationtimestamp| type| source ---|---|--- 2026-04-15 23:27:35+00:00| seen| Telegram/ajbOyvFAewWZ2L70l5GRQuj2wRnDYaN4zfpEHfJh7NMuY 2026-04-16 00:53:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjl72wjbmn2z 2026-04-16 01:30:30+00:00| seen|...

CVE-2026-6349

creationtimestamp| type| source ---|---|--- 2026-04-15 18:44:00+00:00| seen| https://www.twcert.org.tw/en/cp-139-10841-4f504-2.html 2026-04-16 04:30:28+00:00| seen| https://infosec.exchange/users/offseq/statuses/116412503035182529 2026-04-16 05:03:26+00:00| seen|...