USN-8301-1 simpleeval vulnerability

Byambadalai Sumiya discovered that SimpleEval did not properly restrict attribute access and callback handling inside a sandbox. An attacker could possibly use this issue to execute arbitrary code...

CVE-2026-35664

OpenClaw before 2026.3.25 contains an authentication bypass vulnerability in raw card send surface that allows unpaired recipients to mint legacy callback payloads. Attackers can send raw card commands to bypass DM pairing restrictions and reach callback handling without proper authorization...

CVE-2026-35664

OpenClaw before 2026.3.25 contains an authentication bypass vulnerability in raw card send surface that allows unpaired recipients to mint legacy callback payloads. Attackers can send raw card commands to bypass DM pairing restrictions and reach callback handling without proper authorization...

EUVD-2026-21468

OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Telegram callback query handling that allows attackers to mutate session state without satisfying normal DM pairing requirements. Remote attackers can exploit weaker callback-only authorization in direct messages to bypas...

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization via the callback handling process. An attacker can gain unauthorized access to callback functionality by sending specially crafted legacy raw card payloads that...

PT-2026-23097

Name of the Vulnerable Software and Affected Versions Locutus versions prior to 3.0.0 Description Locutus, a library designed to bring standard libraries from other programming languages to JavaScript for educational purposes, contains a remote code execution RCE flaw. This issue resides within t...

Xinhu Rainrock RockOA 安全漏洞

Xinhu Rainrock RockOA is an office automation system from China Xinhu Company. A security vulnerability exists in Xinhu Rainrock RockOA 2.7.1 and earlier versions, which originates from the incorrect operation of the callback parameter in the file rockfun.php, and may lead to a cross-site scripti...

CVE-2025-68194

CVE-2025-68194 pertains to the Linux kernel USB video driver for the imon remote, where three related issues in usb_rx_callback_intf0 can cause hung tasks. The problems arise from: 1) after a -EPROTO error when ictx->dev_present_intf0 is true, the driver resubmits the URB, causing printk flood...

ROS-20251111-08

A vulnerability in the Python module that provides an interface to c-ares pycares is related to an error in the use of memory after release, caused by incorrect handling of callback references when destroying the Channel object. Exploitation of the vulnerability could allow an attacker acting...

PT-2025-27713

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fixed version Description: A vulnerability in the Linux kernel has been resolved, related to the ice driver's Tx scheduler error handling in the XDP callback. When the XDP program is loaded, it adds new Tx...

CVE-2022-49321

In the Linux kernel, the following vulnerability has been resolved: xprtrdma: treat all calls not a bcall when bcserv is NULL When a rdma server returns a fault format reply, nfs v3 client may treats it as a bcall when bc service is not exist. The debug message at rpcrdmabcreceivecall are,...

RUSTSEC-2025-0004 ssl::select_next_proto use after free

In openssl versions before 0.10.70, ssl::selectnextproto can return a slice pointing into the server argument's buffer but with a lifetime bound to the client argument. In situations where the server buffer's lifetime is shorter than the client buffer's, this can cause a use after free. This coul...

CVE-2024-41570

An Unauthenticated Server-Side Request Forgery SSRF in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server...

CVE-2024-41570

CVE-2024-41570 describes an unauthenticated SSRF in Havoc 2 (team server) demon callback handling, enabling attackers to cause arbitrary network traffic to be emitted from the Havoc team server. Connected sources confirm visible exploit PoCs and chained RCE narratives in Havoc C2-related reposito...

kernel: wifi: ath6kl: reduce WARN to dev_dbg() in callback

In the Linux kernel, the following vulnerability has been resolved: wifi: ath6kl: reduce WARN to devdbg in callback The warn is triggered on a known race condition, documented in the code above the test, that is correctly handled. Using WARN hinders automated testing. Reducing severity...

USN-6237-3 curl vulnerabilities

USN-6237-1 fixed several vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Original advisory details: Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote...

USN-6237-2 curl regression

USN-6237-1 fixed vulnerabilities in curl. The update caused a certificate wildcard handling regression on Ubuntu 22.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Hiroki Kurosawa discovered that curl incorrectly handled validating certain...

USN-6237-1: curl vulnerabilities

Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote attacker could possibly use this issue to spoof certain website certificates using IDN hosts. CVE-2023-28321 Hiroki Kurosawa discovered that curl incorrectly handled callbacks when certain...

SUSE CVE-2014-9732

The cabdextract function in cabd.c in libmspack before 0.5 does not properly maintain decompression callbacks in certain cases where an invalid file follows a valid file, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted CAB...