78 matches found
Security update 5.0.8 for Multi-Linux Manager Client Tools, Salt Bundle and Salt
This update fixes the following issues: golang-github-prometheus-nodeexporter: Version 1.10.2: meminfo: Fix typo in Zswap metric name Version 1.10.1: filesystem: Fix mount points being collected multiple times filesystem: Refactor mountinfo parsing bsc1261810 meminfo: Add Zswap/Zswapped metrics...
Docker: Race condition in docker cp allows bind mount redirection to host path
Summary A race condition during docker cp mount setup allows a malicious container to redirect a bind mount target to an arbitrary host path, potentially overwriting host files or causing denial of service. Details When copying files into a container, the daemon sets up a temporary filesystem vie...
CVE-2026-44113
OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in the OpenShell filesystem bridge that allows attackers to read files outside the intended mount root. Attackers can exploit symlink swaps during filesystem operations to bypass sandbox restrictions and access...
Duplicate Advisory: OpenClaw: OpenShell FS bridge reads pin and verify the opened file before returning bytes
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-5h3g-6xhh-rg6p. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in the OpenShell filesystem bridge that...
EUVD-2026-28190
OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in OpenShell sandbox filesystem writes that allows attackers to redirect writes outside the intended mount root. Attackers can exploit symlink swaps during filesystem operations to bypass sandbox restrictions and write...
GHSA-FRR5-J3MH-H9CH Duplicate Advisory: OpenClaw: OpenShell FS bridge reads pin and verify the opened file before returning bytes
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-5h3g-6xhh-rg6p. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in the OpenShell filesystem bridge that...
CVE-2026-44112
OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in OpenShell sandbox filesystem writes that allows attackers to redirect writes outside the intended mount root. Attackers can exploit symlink swaps during filesystem operations to bypass sandbox restrictions and write...
CVE-2026-44113
OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in the OpenShell filesystem bridge that allows attackers to read files outside the intended mount root. Attackers can exploit symlink swaps during filesystem operations to bypass sandbox restrictions and access...
CVE-2026-44113 OpenClaw < 2026.4.22 - Time-of-Check/Time-of-Use Race Condition in OpenShell FS Bridge
OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in the OpenShell filesystem bridge that allows attackers to read files outside the intended mount root. Attackers can exploit symlink swaps during filesystem operations to bypass sandbox restrictions and access...
CVE-2026-44113
OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in the OpenShell filesystem bridge that allows attackers to read files outside the intended mount root. Attackers can exploit symlink swaps during filesystem operations to bypass sandbox restrictions and access...
CVE-2026-44113 OpenClaw < 2026.4.22 - Time-of-Check/Time-of-Use Race Condition in OpenShell FS Bridge
OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in the OpenShell filesystem bridge that allows attackers to read files outside the intended mount root. Attackers can exploit symlink swaps during filesystem operations to bypass sandbox restrictions and access...
CVE-2026-44112
OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in OpenShell sandbox filesystem writes that allows attackers to redirect writes outside the intended mount root. Attackers can exploit symlink swaps during filesystem operations to bypass sandbox restrictions and write...
CVE-2026-44112 OpenClaw < 2026.4.22 - Symlink Swap Race Condition in OpenShell FS Bridge Writes
OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in OpenShell sandbox filesystem writes that allows attackers to redirect writes outside the intended mount root. Attackers can exploit symlink swaps during filesystem operations to bypass sandbox restrictions and write...
CVE-2026-44112 OpenClaw < 2026.4.22 - Symlink Swap Race Condition in OpenShell FS Bridge Writes
OpenClaw before 2026.4.22 contains a time-of-check/time-of-use race condition in OpenShell sandbox filesystem writes that allows attackers to redirect writes outside the intended mount root. Attackers can exploit symlink swaps during filesystem operations to bypass sandbox restrictions and write...
CVE-2026-44112
OpenClaw OpenShell has a TOCTOU race condition in sandbox filesystem writes that lets an attacker redirect writes outside the sandbox mount root by exploiting symlink swaps during filesystem operations. This affects OpenClaw versions prior to 2026.4.22. The issue’s root cause is a time-of-check/t...
PT-2026-38245
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.22 Description A time-of-check/time-of-use TOCTOU race condition exists in OpenShell sandbox filesystem writes. This flaw allows attackers to use symlink swaps during filesystem operations to bypass sandbox...
PT-2026-38246
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.22 Description A time-of-check/time-of-use TOCTOU race condition exists in the OpenShell filesystem bridge. This issue allows attackers to use symlink swaps during filesystem operations to bypass sandbox...
SUSE SLED15 / SLES15 Security Update : ImageMagick (SUSE-SU-2026:1497-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1497-1 advisory. - CVE-2026-24484: denial of service via multi-layer nested MVG to SVG conversion bsc1258790. - CVE-2026-28493:...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011094)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011094 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing: Fix race issue between cpu buffer write and swap Warning happened in rbendcommit at cod...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2026-24484: denial of service via multi-layer nested MVG to SVG conversion bsc1258790. CVE-2026-28493: integer overflow in the SIXEL decoder leads to out-of-bounds write bsc1259446. CVE-2026-28494: missing bounds checks in the morphology...