CVE-2026-41343

OpenClaw before 2026.3.31 lacks a shared pre-auth concurrency budget on the public LINE webhook path, allowing attackers to cause transient availability loss. Remote attackers can flood the webhook endpoint with concurrent requests before signature verification to exhaust resources and degrade...

CVE-2026-6940

radare2 prior to 6.1.4 contains a path traversal vulnerability in project deletion that allows local attackers to recursively delete arbitrary directories by supplying absolute paths that escape the configured dir.projects root directory. Attackers can craft absolute paths to project marker files...

BIT-MYSQL-SHELL-2026-34319

Vulnerability in the MySQL Shell product of Oracle MySQL component: Shell: Core Client. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Shell executes t...

OPENSUSE-SU-2026:10609-1 libruby4_0-4_0-4.0.3-1.1 on GA media

These are all security issues fixed in the libruby40-40-4.0.3-1.1 package on the GA media of openSUSE Tumbleweed...

PT-2026-34774

OpenClaw before 2026.3.31 lacks a shared pre-auth concurrency budget on the public LINE webhook path, allowing attackers to cause transient availability loss. Remote attackers can flood the webhook endpoint with concurrent requests before signature verification to exhaust resources and degrade...

PT-2026-34870

Name of the Vulnerable Software and Affected Versions libXpm versions prior to 3.5.18-2.1 Description An issue exists in the image parsing functionality of libXpm. Recommendations Update to version 3.5.18-2.1...

OPENSUSE-SU-2026:10608-1 libXpm-devel-3.5.18-2.1 on GA media

These are all security issues fixed in the libXpm-devel-3.5.18-2.1 package on the GA media of openSUSE Tumbleweed...

PT-2026-34594

Name of the Vulnerable Software and Affected Versions Luanti versions 5.0.0 through 5.15.1 Description A malicious mod can escape the sandboxed Lua environment to execute arbitrary code and gain full filesystem access on the user's device. This issue affects server-side mods, async, mapgen, and...

EUVD-2026-25116

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using /FlateDecode with large size values. This has been fixed in pypdf 6.10.2...

OPENSUSE-SU-2026:10599-1 cacti-1.2.30+git306.82d5aef5-1.1 on GA media

These are all security issues fixed in the cacti-1.2.30+git306.82d5aef5-1.1 package on the GA media of openSUSE Tumbleweed...

PT-2026-34329

Name of the Vulnerable Software and Affected Versions camel-infinispan affected versions not specified Description Unsafe deserialization exists in the ProtoStream remote aggregation repository. A remote attacker with low privileges can send specially crafted data to achieve arbitrary code...

EUVD-2026-24420

Vulnerability in the MySQL Shell product of Oracle MySQL component: Shell: Core Client. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Shell executes t...

CVE-2026-34319

Vulnerability in the MySQL Shell product of Oracle MySQL component: Shell: Core Client. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Shell executes t...

CVE-2026-34317

Vulnerability in the MySQL Shell product of Oracle MySQL component: Shell: Core Client. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Shell executes t...

CVE-2026-34281

Vulnerability in the Oracle Solaris product of Oracle Systems component: Kernel. The supported version that is affected is 11.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the...

CVE-2026-22009

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQ...

CVE-2026-31368

AiAssistant is affected by type privilege bypass, successful exploitation of this vulnerability may affect service availability...

EUVD-2026-24063

AiAssistant is affected by type privilege bypass, successful exploitation of this vulnerability may affect service availability...

CVE-2026-31368 Privilege Bypass in AiAssistant

AiAssistant is affected by type privilege bypass, successful exploitation of this vulnerability may affect service availability...

CVE-2026-31368

Technical details are not publicly available in the provided documents. Monitor for updates from vendors and security advisories.