CVE-2026-40010 Apache Wicket: possible session fixation using AuthenticatedWebSession

Missing invocation of Servlet http web request method changeSessionId after session binding can be exploited for a session fixation attack in Apache Wicket. This issue affects Apache Wicket: from 8.0.0 through 8.17.0, 9.0.0, from 10.0.0 through 10.8.0. Users are recommended to upgrade to version...

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, where the listening address is bound to 0.0.0.0, allowing malicious parties on the same network to...

Oracle Linux 10 : kernel (ELSA-2026-13566)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-13566 advisory. - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption Vladislav Dronov RHEL-172211 CVE-2026-31431 - crypto: authencesn ...

PT-2026-37529

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the v4l2-async component of the media subsystem regarding error handling after a match is found with an fwnode. Specifically, if the v4l2 async match notify function...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lapbethdatatransmit function expecting the underlying device type to be ARPHRDETHER. Failure ...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the AFXDP binding not verifying whether the device MTU is suitable for the UMEM frame size,...

RHCOS 4 : OpenShift Container Platform 4.5.6 (RHSA-2020:3453)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3453 advisory. - jenkins-credentials-binding-plugin: information disclosure in build log when build contains no build steps CVE-2020-2181 -...

RHCOS 4 : OpenShift Container Platform 4.3.40 jenkins-2-plugins (RHSA-2020:4265)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:4265 advisory. - jenkins-credentials-binding-plugin: information disclosure in build log when build contains no build steps CVE-2020-2181 -...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of suppression of the sysfs binding attributes in the reset gpio process. This...

Apache Wicket 授权问题漏洞

Apache Wicket is an open-source, lightweight, component-based framework developed by the Apache Foundation in the United States. It provides an object-oriented approach for developing web-based dynamic UI applications. Versions of Apache Wicket from 8.0.0 to 8.17.0, 9.0.0, and 10.0.0 to 10.8.0...

PT-2026-38236

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.10 Description An improper network binding issue exists in the sandbox browser CDP relay, which exposes the Chrome DevTools Protocol on 0.0.0.0. This overly broad binding configuration allows attackers to acce...

GHSA-9HMG-827W-9RHJ nuts-node has JWT type confusion in v1 access token introspection that allows VP replay as access token

Summary The v1 access token introspection endpoint /auth/v1/introspectaccesstoken accepts any JWT signed by a key present on the node, without validating the JWT type, issuer-to-key binding, or required claims. This allows a Verifiable Presentation VP JWT to be replayed as an access token and...

nuts-node has JWT type confusion in v1 access token introspection that allows VP replay as access token

Summary The v1 access token introspection endpoint /auth/v1/introspectaccesstoken accepts any JWT signed by a key present on the node, without validating the JWT type, issuer-to-key binding, or required claims. This allows a Verifiable Presentation VP JWT to be replayed as an access token and...

CVE-2026-43530 OpenClaw 2026.2.23 < 2026.4.12 - Weakened Exec Approval Binding via busybox and toybox Applet Execution

OpenClaw versions 2026.2.23 before 2026.4.12 contain a weakened exec approval binding vulnerability in busybox and toybox applet execution that allows attackers to obscure which applet would actually run. Attackers can exploit opaque multi-call binaries to bypass exec approval mechanisms and weak...

CVE-2026-43530 OpenClaw 2026.2.23 < 2026.4.12 - Weakened Exec Approval Binding via busybox and toybox Applet Execution

OpenClaw versions 2026.2.23 before 2026.4.12 contain a weakened exec approval binding vulnerability in busybox and toybox applet execution that allows attackers to obscure which applet would actually run. Attackers can exploit opaque multi-call binaries to bypass exec approval mechanisms and weak...

PT-2026-37245

Name of the Vulnerable Software and Affected Versions nuts-node versions prior to 5.4.31 nuts-node versions prior to 6.2.3 Description The v1 access token introspection endpoint '/auth/v1/introspect access token' accepts any JSON Web Token JWT signed by a key present on the node without validatin...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: cxl/ras: Fixed the device confusion in the CPER handler. Upon inspection, the cxlcperhandleproterr function makes several fragile assumptions that can lead to crashes: 1. It assumes that the endpoints identified in the record...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: fix bridge lifetime Device-managed resources allocated after component binding must be tied to the lifetime of the DRM device. Otherwise, these resources may not be released when binding the DRM device is deferred. Th...

CLSA-2026-1777545003 rpm: Fix of CVE-2021-3521

CVE-2021-3521: validate and require subkey binding signatures on PGP public keys...

PT-2026-36290

A vulnerability was determined in Open5GS up to 2.7.7. This vulnerability affects the function bsf sess add by ip address of the file /nbsf-management/v1/pcfBindings of the component BSF. Executing a manipulation of the argument ipv4Addr can lead to denial of service. The attack can be launched...