CVE-2026-26325

OpenClaw is a personal AI assistant. Prior to version 2026.2.14, a mismatch between rawCommand and command in the node host system.run handler could cause allowlist/approval evaluation to be performed on one command while executing a different argv. This only impacts deployments that use the node...

GHSA-H3F9-MJWJ-W476 OpenClaw Node host system.run rawCommand/command mismatch can bypass allowlist/approvals

Summary A mismatch between rawCommand and command in the node host system.run handler could cause allowlist/approval evaluation to be performed on one command while executing a different argv. Affected Configurations This only impacts deployments that: - Use the node host / companion node executi...

Linux Distros Unpatched Vulnerability : CVE-2022-49889

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Check for NULL cpubuffer in ringbufferwakewaiters On some machines the number o...

Array Mismatch in RdpxV2Core.sol

Lines of code Vulnerability details Impact reserveTokens and reserveAsset are not synced because reserveTokens was not initialized in the constructor. Proof of Concept The RdpxV2Core.sol contract stores the reserve token information and also uses another array to only track the reserve token...

AZL-35320 CVE-2023-25675 affecting package tensorflow for versions less than 2.11.1-1

TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, tf.rawops.Bincount segfaults when given a parameter weights that is neither the same shape as parameter arr nor a length-0 tensor. A fix is included in TensorFlow 2.12.0 and 2.11.1...