13809 matches found
CVE-2026-27195
Wasmtime is a runtime for WebAssembly. Starting with Wasmtime 39.0.0, the component-model-async feature became the default, which brought with it a new implementation of TypedFunc::callasync which made it capable of calling async-typed guest export functions. However, that implementation had a bu...
CVE-2026-27195 Wasmtime is vulnerable to panic when dropping a `[Typed]Func::call_async` future
Wasmtime is a runtime for WebAssembly. Starting with Wasmtime 39.0.0, the component-model-async feature became the default, which brought with it a new implementation of TypedFunc::callasync which made it capable of calling async-typed guest export functions. However, that implementation had a bu...
Wasmtime is vulnerable to panic when dropping a `[Typed]Func::call_async` future
The affected versions of Wasmtime can panic if the host embedder drops the future returned by wasmtime::component::TypedFunc::callasync before it resolves. Details Starting with Wasmtime 39.0.0, the component-model-async feature became the default, which brought with it a new implementation of...
GHSA-XJHV-V822-PF94 Wasmtime is vulnerable to panic when dropping a `[Typed]Func::call_async` future
The affected versions of Wasmtime can panic if the host embedder drops the future returned by wasmtime::component::TypedFunc::callasync before it resolves. Details Starting with Wasmtime 39.0.0, the component-model-async feature became the default, which brought with it a new implementation of...
RUSTSEC-2026-0022 Panic when dropping a `[Typed]Func::call_async` future
This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-xjhv-v822-pf94 For more information see the GitHub-hosted security advisory...
Panic when dropping a `[Typed]Func::call_async` future
This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-xjhv-v822-pf94 For more information see the GitHub-hosted security advisory...
OSV-2026-292 UNKNOWN WRITE in <wasmtime::runtime::func::Func>::call_unchecked_raw::<
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=486503337 Crash type: UNKNOWN WRITE Crash state: ::calluncheckedraw::::queuecall...
CVE-2026-2588
Crypt::NaCl::Sodium versions through 2.001 for Perl has an integer overflow flaw on 32-bit systems. Sodium.xs casts a STRLEN sizet to unsigned long long when passing a length pointer to libsodium functions. On 32-bit systems sizet is typically 32-bits while an unsigned long long is at least 64-bi...
CVE-2026-2588 Crypt::NaCl::Sodium versions through 2.001 for Perl has an integer overflow flaw on 32-bit systems
Crypt::NaCl::Sodium versions through 2.001 for Perl has an integer overflow flaw on 32-bit systems. Sodium.xs casts a STRLEN sizet to unsigned long long when passing a length pointer to libsodium functions. On 32-bit systems sizet is typically 32-bits while an unsigned long long is at least 64-bi...
CVE-2026-26319
OpenClaw is a personal AI assistant. Versions 2026.2.13 and below allow the optional @openclaw/voice-call plugin Telnyx webhook handler to accept unsigned inbound webhook requests when telnyx.publicKey is not configured, enabling unauthenticated callers to forge Telnyx events. Telnyx webhooks are...
OpenClaw 代码问题漏洞
OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a code issue vulnerability that stems from a Cron webhook delivery using fetch direct call, which can be exploited by an attacker to cause the webhook target to access private or internal endpoints...
CVE-2026-2042
Nagios Host monitoringwizard Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Nagios Host. Authentication is required to exploit this vulnerability. The specific flaw exists within the...
Security information for Hitachi Disk Array Systems
Overview CVE-2023-31096 | MITRE: CVE-2023-31096 Windows Agere Soft Modem Driver Elevation of Privilege Vulnerability CVE-2024-55414 | Windows Motorola Soft Modem Driver Elevation of Privilege Vulnerability CVE-2026-20804 | Windows Hello Tampering Vulnerability CVE-2026-20805 | Desktop Window...
GHSA-378V-28HJ-76WF bn.js affected by an infinite loop
This affects versions of the package bn.js before 4.12.3 and 5.2.3. Calling maskn0 on any BN instance corrupts the internal state, causing toString, divmod, and other methods to enter an infinite loop, hanging the process indefinitely...
CVE-2026-26319
OpenClaw is a personal AI assistant. Versions 2026.2.13 and below allow the optional @openclaw/voice-call plugin Telnyx webhook handler to accept unsigned inbound webhook requests when telnyx.publicKey is not configured, enabling unauthenticated callers to forge Telnyx events. Telnyx webhooks are...
CVE-2026-26319
OpenClaw contains a vulnerability in the optional @openclaw/voice-call Telnyx webhook handler: when telnyx.publicKey is not configured, verification can fail open, allowing unauthenticated HTTP POSTs to be treated as legitimate Telnyx events. Affected versions are 2026.2.13 and earlier; the issue...
CVE-2026-26319 OpenClaw has Missing Webhook Authentication in Telnyx Provider Allowing Unauthenticated Requests
OpenClaw is a personal AI assistant. Versions 2026.2.13 and below allow the optional @openclaw/voice-call plugin Telnyx webhook handler to accept unsigned inbound webhook requests when telnyx.publicKey is not configured, enabling unauthenticated callers to forge Telnyx events. Telnyx webhooks are...
CVE-2026-26319 OpenClaw has Missing Webhook Authentication in Telnyx Provider Allowing Unauthenticated Requests
OpenClaw is a personal AI assistant. Versions 2026.2.13 and below allow the optional @openclaw/voice-call plugin Telnyx webhook handler to accept unsigned inbound webhook requests when telnyx.publicKey is not configured, enabling unauthenticated callers to forge Telnyx events. Telnyx webhooks are...
SUSE-SU-2026:20466-1 Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise kernel 6.4.0-32.1 fixes various security issues The following security issues were fixed: - CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in findhwthreadmask bsc1249480. - CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length...
PT-2026-20776
The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions 4.0 to 5.10 via the 'load track note ajax' due to missing validation on a user controlled key. This makes it possible for unauthenticated...