SUSE CVE-2026-6785

Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...

SUSE CVE-2026-41196

Luanti formerly Minetest is an open source voxel game-creation platform. Starting in version 5.0.0 and prior to version 5.15.2, a malicious mod can trivially escape the sandboxed Lua environment to execute arbitrary code and gain full filesystem access on the user's device. This applies to the...

EUVD-2026-25339

OpenShell before 2026.3.28 contains an arbitrary code execution vulnerability in mirror mode that converts untrusted sandbox files into workspace hooks. Attackers with mirror mode access can execute arbitrary code on the host during gateway startup by exploiting enabled workspace hooks...

GHSA-JX3C-247H-CXWP Duplicate Advisory: OpenClaw: Workspace `.env` can override the bundled hooks root and load attacker hook code

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-3qpv-xf3v-mm45. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.31 allows workspace .env files to override the OPENCLAWBUNDLEDHOOKSDIR environment variable,...

TOTOLINK A3300R stunMinAlive Parameter Command Injection Vulnerability

TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK A3300R stunMinAlive parameter, which stems from a failure to properly handle the stunMinAlive parameter in cstecgi.cgi, and can be exploited by an attacker to...

ROS-20260424-73-0004

Vulnerability in gimp related to writing outside buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : jq vulnerabilities (USN-8202-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8202-1 advisory. It was discovered that jq did not correctly handle certain string concatenations. An...

ROS-20260424-73-0005

Vulnerability in gimp related to writing outside buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

KLA91001 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Race condition vulnerability in GPU can be exploited to cause denial of service. 2. Use...

Debian dsa-6229 : thunderbird - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6229 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6229-1 [email protected]...

kernel: Linux kernel: Use-after-free in bonding module can cause system crash or arbitrary code execution

A flaw was found in the Linux kernel's bonding module. This use-after-free vulnerability occurs when a new slave device is added to the bonding array but fails during the enslave process. A local attacker can exploit this by triggering the enslave failure, which may lead to a system crash,...

CVE-2026-41355

OpenClaw before 2026.3.28 contains an arbitrary code execution vulnerability in mirror mode that converts untrusted sandbox files into workspace hooks. Attackers with mirror mode access can execute arbitrary code on the host during gateway startup by exploiting enabled workspace hooks...

CVE-2026-41355

OpenShell is affected by CVE-2026-41355 (pre-2026.3.28) where a vulnerability in mirror mode allows conversion of untrusted sandbox files into workspace hooks, enabling arbitrary code execution on the host at gateway startup when mirror-mode access is present. The issue stems from how workspace h...

CVE-2026-41355 OpenClaw < 2026.3.28 - Arbitrary Code Execution via Mirror Mode Sandbox File Conversion

OpenClaw before 2026.3.28 contains an arbitrary code execution vulnerability in mirror mode that converts untrusted sandbox files into workspace hooks. Attackers with mirror mode access can execute arbitrary code on the host during gateway startup by exploiting enabled workspace hooks...

CVE-2026-41336

OpenClaw prior to 2026.3.31 is vulnerable: workspace .env files can override OPENCLAW_BUNDLED_HOOKS_DIR, allowing attacker-controlled hooks to be loaded and arbitrary code executed. The impact is high (local attack, attacker-controlled code, potential concealment of changes) as described in CVE-2...

CVE-2026-41336 OpenClaw < 2026.3.31 - Arbitrary Hook Code Execution via OPENCLAW_BUNDLED_HOOKS_DIR Environment Variable Override

OpenClaw before 2026.3.31 allows workspace .env files to override the OPENCLAWBUNDLEDHOOKSDIR environment variable, enabling loading of attacker-controlled hook code. Attackers can replace trusted default-on bundled hooks from untrusted workspaces to execute arbitrary code...

EUVD-2026-25265

This vulnerability allows an attacker to create a junction, enabling the deletion of arbitrary files with SYSTEM privileges. As a result, this condition potentially facilitates arbitrary code execution, whereby an attacker may exploit the vulnerability to execute malicious code with elevated SYST...

CVE-2026-26210

KTransformers through 0.5.3 contains an unsafe deserialization vulnerability in the balanceserve backend mode where the scheduler RPC server binds a ZMQ ROUTER socket to all interfaces with no authentication and deserializes incoming messages using pickle.loads without validation. Attackers can...

CVE-2026-25874

LeRobot through 0.5.1 contains an unsafe deserialization vulnerability in the async inference pipeline where pickle.loads is used to deserialize data received over unauthenticated gRPC channels without TLS in the policy server and robot client components. An unauthenticated network-reachable...

CVE-2026-41247

elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Prior to 2.1.67, elFinder contains a command injection vulnerability in the resize command. The bg background color parameter is accepted from user input and passed through image resize/rotate processing. In...