10808 matches found
Encoding Error
Overview asn1-ts is an ASN.1 encoding and decoding, including BER, CER, and DER. Affected versions of this package are vulnerable to Encoding Error in the integer decoding that can leak the underlying ArrayBuffer. Remediation Upgrade asn1-ts to version 11.0.6 or higher. References - GitHub Commit...
Security information for Hitachi Disk Array Systems
Overview CVE-2023-31096 | MITRE: CVE-2023-31096 Windows Agere Soft Modem Driver Elevation of Privilege Vulnerability CVE-2024-55414 | Windows Motorola Soft Modem Driver Elevation of Privilege Vulnerability CVE-2026-20804 | Windows Hello Tampering Vulnerability CVE-2026-20805 | Desktop Window...
CVE-2026-27007
OpenClaw is a personal AI assistant. Prior to version 2026.2.15, normalizeForHash in src/agents/sandbox/config-hash.ts recursively sorted arrays that contained only primitive values. This made order-sensitive sandbox configuration arrays hash to the same value even when order changed. In OpenClaw...
OpenClaw 安全漏洞
OpenClaw is openclaw open source an intelligent artificial assistant. A security vulnerability exists in OpenClaw that stems from the normalizeForHash function mishandling array sorting, which can be exploited by an attacker to cause a compromise in the integrity of a sandboxed configuration...
CVE-2026-27007 OpenClaw's sandbox config hash sorted primitive arrays and suppressed needed container recreation
OpenClaw is a personal AI assistant. Prior to version 2026.2.15, normalizeForHash in src/agents/sandbox/config-hash.ts recursively sorted arrays that contained only primitive values. This made order-sensitive sandbox configuration arrays hash to the same value even when order changed. In OpenClaw...
CVE-2026-27007 OpenClaw's sandbox config hash sorted primitive arrays and suppressed needed container recreation
OpenClaw is a personal AI assistant. Prior to version 2026.2.15, normalizeForHash in src/agents/sandbox/config-hash.ts recursively sorted arrays that contained only primitive values. This made order-sensitive sandbox configuration arrays hash to the same value even when order changed. In OpenClaw...
CVE-2026-27007 OpenClaw's sandbox config hash sorted primitive arrays and suppressed needed container recreation
OpenClaw is a personal AI assistant. Prior to version 2026.2.15, normalizeForHash in src/agents/sandbox/config-hash.ts recursively sorted arrays that contained only primitive values. This made order-sensitive sandbox configuration arrays hash to the same value even when order changed. In OpenClaw...
CVE-2026-26325
OpenClaw is a personal AI assistant. Prior to version 2026.2.14, a mismatch between rawCommand and command in the node host system.run handler could cause allowlist/approval evaluation to be performed on one command while executing a different argv. This only impacts deployments that use the node...
CVE-2026-26325 OpenClaw Node host system.run rawCommand/command mismatch can bypass allowlist/approvals
OpenClaw is a personal AI assistant. Prior to version 2026.2.14, a mismatch between rawCommand and command in the node host system.run handler could cause allowlist/approval evaluation to be performed on one command while executing a different argv. This only impacts deployments that use the node...
Prototype pollution in swiper
Summary A prototype pollution vulnerability exists in the the npm package swiper =6.5.1, -1; let obj = ; var maliciouspayload = '"proto":"polluted":"yes"'; console.log.polluted; swiper.default.extendDefaultsJSON.parsemaliciouspayload; console.log.polluted; // prints yes - indicating that the patc...
SUSE CVE-2025-71225
In the Linux kernel, the following vulnerability has been resolved: md: suspend array while updating raiddisks via sysfs In raid1reshape, freezearray is called before modifying the r1bio memory pool conf-r1biopool and conf-raiddisks, and unfreezearray is called after the update is completed...
MiracleLinux 9 : php-8.0.30-5.el9_7 (AXSA:2026-201:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-201:01 advisory. php: heap-based buffer overflow in arraymerge CVE-2025-14178 php: PHP: Information disclosure via getimagesize function when reading multi-chunk imag...
PT-2026-20968
OpenClaw is a personal AI assistant. Prior to version 2026.2.15, normalizeForHash in src/agents/sandbox/config-hash.ts recursively sorted arrays that contained only primitive values. This made order-sensitive sandbox configuration arrays hash to the same value even when order changed. In OpenClaw...
AlmaLinux 9 : php (ALSA-2026:2799)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:2799 advisory. php: heap-based buffer overflow in arraymerge CVE-2025-14178 php: PHP: Information disclosure via getimagesize function when reading multi-chunk images...
Amazon Linux 2 : fontforge, --advisory ALAS2-2026-3164 (ALAS-2026-3164)
The version of fontforge installed on the remote host is prior to 20120731b-13. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3164 advisory. FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows...
GHSA-XXVH-5HWJ-42PP OpenClaw's sandbox config hash sorted primitive arrays and suppressed needed container recreation
Description normalizeForHash in src/agents/sandbox/config-hash.ts recursively sorted arrays that contained only primitive values. This made order-sensitive sandbox configuration arrays hash to the same value even when order changed. In OpenClaw sandbox flows, this hash is used to decide whether...
OpenClaw's sandbox config hash sorted primitive arrays and suppressed needed container recreation
Description normalizeForHash in src/agents/sandbox/config-hash.ts recursively sorted arrays that contained only primitive values. This made order-sensitive sandbox configuration arrays hash to the same value even when order changed. In OpenClaw sandbox flows, this hash is used to decide whether...
UBUNTU-CVE-2025-71231
In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix out-of-bounds index in findemptyiaacompressionmode The local variable 'i' is initialized with -EINVAL, but the for loop immediately overwrites it and -EINVAL is never returned. If no empty compression mode can b...
AZL-77874 CVE-2025-71225 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: md: suspend array while updating raiddisks via sysfs In raid1reshape, freezearray is called before modifying the r1bio memory pool conf-r1biopool and conf-raiddisks, and unfreezearray is called after the update is completed...
CVE-2025-71225
In the Linux kernel, the following vulnerability has been resolved: md: suspend array while updating raiddisks via sysfs In raid1reshape, freezearray is called before modifying the r1bio memory pool conf-r1biopool and conf-raiddisks, and unfreezearray is called after the update is completed...