CVE-2026-31726

Technical details for CVE-2026-31726 are not publicly available in the provided Connected documents. The Initial Description outlines a Linux kernel UVC unbind race fix, but no vendor/product/version specifics are given here. Monitor for updates from OSV/Mageia/Debian advisories.

CVE-2026-31726

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: fix NULL pointer dereference during unbind race Commit b81ac4395bbe "usb: gadget: uvc: allow for application to cleanly shutdown" introduced two stages of synchronization waits totaling 1500ms in uvcfunctionunbi...

EUVD-2026-26539

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: fix NULL pointer dereference during unbind race Commit b81ac4395bbe "usb: gadget: uvc: allow for application to cleanly shutdown" introduced two stages of synchronization waits totaling 1500ms in uvcfunctionunbi...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from false negatives in the migration disable check under the PREEMPTRCU configuration. This could lea...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of fatal signals during fuse synchronization initialization. This vulnerability...

PT-2026-36361

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition in the USB gadget UVC USB Video Class component can lead to a NULL pointer dereference. During power management transitions, the wait event interruptible timeout functio...

EUVD-2026-26271

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.4.0 to before version 4.14.4, a path traversal vulnerability in Wazuh's cluster synchronization extraction routine allows an authenticated cluster peer to write arbitrary files outside the...

CVE-2026-30893

Wazuh cluster sync path traversal (CVE-2026-30893) affects versions 4.4.0–4.14.3. The vulnerability occurs in the cluster synchronization extraction routine (decompress_files()), enabling an authenticated cluster peer to write arbitrary files outside the extraction directory. This can escalate to...

CVE-2026-30893

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.4.0 to before version 4.14.4, a path traversal vulnerability in Wazuh's cluster synchronization extraction routine allows an authenticated cluster peer to write arbitrary files outside the...

CVE-2026-30893 Wazuh cluster sync path traversal in decompress_files() enables arbitrary file write and code execution from authenticated cluster peer

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.4.0 to before version 4.14.4, a path traversal vulnerability in Wazuh's cluster synchronization extraction routine allows an authenticated cluster peer to write arbitrary files outside the...

Linux Distros Unpatched Vulnerability : CVE-2026-31541

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tracing: Fix tracemarker copy link list updates When the copytracemarker option is enabled for an instance, anything written into /sys/kernel/tracing/tracemarke...

Wazuh 路径遍历漏洞

Wazuh is an open-source application developed by Wazuh. It is used for collecting, summarizing, indexing, and analyzing security data, helping organizations detect intrusions, threats, and abnormal behaviors. Versions of Wazuh from 4.4.0 to 4.14.4 contained a path traversal vulnerability. This...

CVE-2026-41397

OpenClaw before 2026.3.31 contains a sandbox escape vulnerability allowing attackers to traverse directory boundaries through symlink exploitation during file synchronization operations. Remote attackers can bypass sandbox restrictions by crafting malicious symlinks in mirror sync operations to...

EUVD-2026-26105

OpenClaw before 2026.3.31 contains a sandbox escape vulnerability allowing attackers to traverse directory boundaries through symlink exploitation during file synchronization operations. Remote attackers can bypass sandbox restrictions by crafting malicious symlinks in mirror sync operations to...

CVE-2026-41397 OpenClaw < 2026.3.31 - Sandbox Escape via Unrestricted File Sync and Symlink Traversal

OpenClaw before 2026.3.31 contains a sandbox escape vulnerability allowing attackers to traverse directory boundaries through symlink exploitation during file synchronization operations. Remote attackers can bypass sandbox restrictions by crafting malicious symlinks in mirror sync operations to...

CVE-2026-41397 OpenClaw < 2026.3.31 - Sandbox Escape via Unrestricted File Sync and Symlink Traversal

OpenClaw before 2026.3.31 contains a sandbox escape vulnerability allowing attackers to traverse directory boundaries through symlink exploitation during file synchronization operations. Remote attackers can bypass sandbox restrictions by crafting malicious symlinks in mirror sync operations to...

CVE-2026-41397

OpenClaw is affected: OpenClaw before 2026.3.31 has a sandbox escape vulnerability that lets an attacker bypass sandbox restrictions by crafting malicious symlinks during Mirror Sync/file synchronization, enabling traversal of directory boundaries. Affected component is the file synchronization/s...

CVE-2026-41397

OpenClaw before 2026.3.31 contains a sandbox escape vulnerability allowing attackers to traverse directory boundaries through symlink exploitation during file synchronization operations. Remote attackers can bypass sandbox restrictions by crafting malicious symlinks in mirror sync operations to...

CVE-2026-7062

A security vulnerability has been detected in Intina47 context-sync up to 2.0.0. This affects an unknown part of the file src/git-integration.ts of the component Git Integration. Such manipulation leads to os command injection. The attack can be executed remotely. The exploit has been disclosed...

OpenClaw 后置链接漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.31 had a post-link vulnerability due to a sandbox escape issue. This vulnerability could allow remote attackers to access arbitrary files by exploiting symbolic links during fil...