10804 matches found
CVE-2026-27007 OpenClaw's sandbox config hash sorted primitive arrays and suppressed needed container recreation
OpenClaw is a personal AI assistant. Prior to version 2026.2.15, normalizeForHash in src/agents/sandbox/config-hash.ts recursively sorted arrays that contained only primitive values. This made order-sensitive sandbox configuration arrays hash to the same value even when order changed. In OpenClaw...
CVE-2026-27007 OpenClaw's sandbox config hash sorted primitive arrays and suppressed needed container recreation
OpenClaw is a personal AI assistant. Prior to version 2026.2.15, normalizeForHash in src/agents/sandbox/config-hash.ts recursively sorted arrays that contained only primitive values. This made order-sensitive sandbox configuration arrays hash to the same value even when order changed. In OpenClaw...
CVE-2026-27007 OpenClaw's sandbox config hash sorted primitive arrays and suppressed needed container recreation
OpenClaw is a personal AI assistant. Prior to version 2026.2.15, normalizeForHash in src/agents/sandbox/config-hash.ts recursively sorted arrays that contained only primitive values. This made order-sensitive sandbox configuration arrays hash to the same value even when order changed. In OpenClaw...
CVE-2026-26325
OpenClaw is a personal AI assistant. Prior to version 2026.2.14, a mismatch between rawCommand and command in the node host system.run handler could cause allowlist/approval evaluation to be performed on one command while executing a different argv. This only impacts deployments that use the node...
CVE-2026-26325 OpenClaw Node host system.run rawCommand/command mismatch can bypass allowlist/approvals
OpenClaw is a personal AI assistant. Prior to version 2026.2.14, a mismatch between rawCommand and command in the node host system.run handler could cause allowlist/approval evaluation to be performed on one command while executing a different argv. This only impacts deployments that use the node...
Prototype pollution in swiper
Summary A prototype pollution vulnerability exists in the the npm package swiper =6.5.1, -1; let obj = ; var maliciouspayload = '"proto":"polluted":"yes"'; console.log.polluted; swiper.default.extendDefaultsJSON.parsemaliciouspayload; console.log.polluted; // prints yes - indicating that the patc...
SUSE CVE-2025-71225
In the Linux kernel, the following vulnerability has been resolved: md: suspend array while updating raiddisks via sysfs In raid1reshape, freezearray is called before modifying the r1bio memory pool conf-r1biopool and conf-raiddisks, and unfreezearray is called after the update is completed...
MiracleLinux 9 : php-8.0.30-5.el9_7 (AXSA:2026-201:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-201:01 advisory. php: heap-based buffer overflow in arraymerge CVE-2025-14178 php: PHP: Information disclosure via getimagesize function when reading multi-chunk imag...
PT-2026-20968
OpenClaw is a personal AI assistant. Prior to version 2026.2.15, normalizeForHash in src/agents/sandbox/config-hash.ts recursively sorted arrays that contained only primitive values. This made order-sensitive sandbox configuration arrays hash to the same value even when order changed. In OpenClaw...
AlmaLinux 9 : php (ALSA-2026:2799)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:2799 advisory. php: heap-based buffer overflow in arraymerge CVE-2025-14178 php: PHP: Information disclosure via getimagesize function when reading multi-chunk images...
Amazon Linux 2 : fontforge, --advisory ALAS2-2026-3164 (ALAS-2026-3164)
The version of fontforge installed on the remote host is prior to 20120731b-13. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3164 advisory. FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows...
GHSA-XXVH-5HWJ-42PP OpenClaw's sandbox config hash sorted primitive arrays and suppressed needed container recreation
Description normalizeForHash in src/agents/sandbox/config-hash.ts recursively sorted arrays that contained only primitive values. This made order-sensitive sandbox configuration arrays hash to the same value even when order changed. In OpenClaw sandbox flows, this hash is used to decide whether...
OpenClaw's sandbox config hash sorted primitive arrays and suppressed needed container recreation
Description normalizeForHash in src/agents/sandbox/config-hash.ts recursively sorted arrays that contained only primitive values. This made order-sensitive sandbox configuration arrays hash to the same value even when order changed. In OpenClaw sandbox flows, this hash is used to decide whether...
UBUNTU-CVE-2025-71231
In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix out-of-bounds index in findemptyiaacompressionmode The local variable 'i' is initialized with -EINVAL, but the for loop immediately overwrites it and -EINVAL is never returned. If no empty compression mode can b...
AZL-77874 CVE-2025-71225 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: md: suspend array while updating raiddisks via sysfs In raid1reshape, freezearray is called before modifying the r1bio memory pool conf-r1biopool and conf-raiddisks, and unfreezearray is called after the update is completed...
CVE-2025-71225
In the Linux kernel, the following vulnerability has been resolved: md: suspend array while updating raiddisks via sysfs In raid1reshape, freezearray is called before modifying the r1bio memory pool conf-r1biopool and conf-raiddisks, and unfreezearray is called after the update is completed...
UBUNTU-CVE-2025-71225
In the Linux kernel, the following vulnerability has been resolved: md: suspend array while updating raiddisks via sysfs In raid1reshape, freezearray is called before modifying the r1bio memory pool conf-r1biopool and conf-raiddisks, and unfreezearray is called after the update is completed...
CVE-2025-71225
In the Linux kernel, the following vulnerability has been resolved: md: suspend array while updating raiddisks via sysfs In raid1reshape, freezearray is called before modifying the r1bio memory pool conf-r1biopool and conf-raiddisks, and unfreezearray is called after the update is completed...
CVE-2025-71225
CVE-2025-71225: Linux kernel vulnerability in RAID update path. When updating raid_disks via sysfs, freeze_array may unblock before queued r1bio structures are released, causing free_r1bio() to access memory with the old raid_disks/mempool configuration. This can lead to out-of-bounds access and ...
CVE-2025-71225 md: suspend array while updating raid_disks via sysfs
In the Linux kernel, the following vulnerability has been resolved: md: suspend array while updating raiddisks via sysfs In raid1reshape, freezearray is called before modifying the r1bio memory pool conf-r1biopool and conf-raiddisks, and unfreezearray is called after the update is completed...