Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: init/main.c: Fixed a potential memory overflow issue with staticcommandline. We allocated memory of size ‘xlen + strlenbootcommandline + 1 for staticcommandline. However, the strings copied into staticcommandline were actually fr...

[SECURITY] Fedora 44 Update: xen-4.21.1-2.fc44

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

AutoStrike

Gemini Bug Bounty Find security vulnerabilities, get paid...

EUVD-2026-26474

Bitwarden CLI 2026.4.0 from 2026-04-22T21:57Z to 2026-04-22T23:30Z, when obtained from npm, had embedded malicious code. This is related to a Checkmarx supply chain incident...

CVE-2026-42994

Bitwarden CLI 2026.4.0 from 2026-04-22T21:57Z to 2026-04-22T23:30Z, when obtained from npm, had embedded malicious code. This is related to a Checkmarx supply chain incident...

Exploit for CVE-2026-31431

CVE-2026-31431 "Copy Fail" — Ansible Mitigation Recipe !C...

[SECURITY] Fedora 44 Update: glow-2.1.2-1.fc44

Glow is a terminal based markdown reader designed from the ground up to bring out the beauty=E2=80=94and power=E2=80=94of the CLI. Use it to discover mark down files, read documentation directly on the command line. Glow will find local markdown files in subdirectories or a local Git repository...

[SECURITY] Fedora 44 Update: vhs-0.11.0-2.fc44

Write terminal GIFs as code for integration testing and demoing your CLI tool s...

[SECURITY] Fedora 43 Update: xen-4.20.3-2.fc43

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

[SECURITY] Fedora 42 Update: glow-2.1.2-1.fc42

Glow is a terminal based markdown reader designed from the ground up to bring out the beauty=E2=80=94and power=E2=80=94of the CLI. Use it to discover mark down files, read documentation directly on the command line. Glow will find local markdown files in subdirectories or a local Git repository...

PT-2026-36295

Bitwarden CLI 2026.4.0 from 2026-04-22T21:57Z to 2026-04-22T23:30Z, when obtained from npm, had embedded malicious code. This is related to a Checkmarx supply chain incident...

Bitwarden CLI 操作系统命令注入漏洞

Bitwarden CLI is a command-line password management tool provided by Bitwarden Corporation. Version 2026.4.0 of Bitwarden CLI contains a vulnerability related to operating system command injection, which stems from the embedding of malicious code when retrieving it via npm...

Docker Desktop < 4.59.0 ECI Privilege Escalation (CVE-2026-6406)

The version of Docker Desktop installed on the remote host is prior to 4.59.0. It is, therefore, affected by a local privilege escalation vulnerability: - A flaw exists in the Enhanced Container Isolation ECI feature related to processing of Docker CLI arguments. The issue results from an exposed...

CVE-2026-24231

NVIDIA NemoClaw contains a vulnerability in the validateEndpointUrl SSRF protection component, where an attacker could cause a server-side request forgery by supplying a crafted endpoint URL referencing the 0.0.0.0/8 address range through a blueprint configuration file or CLI flag. A successful...

CVE-2026-41384

OpenClaw before 2026.3.24 contains an environment variable injection vulnerability in the CLI backend runner that allows attackers to inject malicious environment variables through workspace configuration. Attackers can craft malicious workspace configs to inject arbitrary environment variables...

CVE-2026-41384 OpenClaw < 2026.3.24 - Environment Variable Injection via Workspace Config in CLI Backend

OpenClaw before 2026.3.24 contains an environment variable injection vulnerability in the CLI backend runner that allows attackers to inject malicious environment variables through workspace configuration. Attackers can craft malicious workspace configs to inject arbitrary environment variables...

CVE-2026-41384

OpenClaw prior to 2026.3.24 contains an environment variable injection vulnerability in the CLI backend runner that allows malicious workspace configs to inject environment variables into the spawned backend process, enabling code execution or sensitive data exposure. Affected package: openclaw (...

CVE-2026-24231

NVIDIA NemoClaw contains a vulnerability in the validateEndpointUrl SSRF protection component, where an attacker could cause a server-side request forgery by supplying a crafted endpoint URL referencing the 0.0.0.0/8 address range through a blueprint configuration file or CLI flag. A successful...

CVE-2026-24231

NVIDIA NemoClaw contains a vulnerability in the validateEndpointUrl SSRF protection component, where an attacker could cause a server-side request forgery by supplying a crafted endpoint URL referencing the 0.0.0.0/8 address range through a blueprint configuration file or CLI flag. A successful...

CVE-2026-24231

NVIDIA NemoClaw contains a vulnerability in the validateEndpointUrl SSRF protection component, where an attacker could cause a server-side request forgery by supplying a crafted endpoint URL referencing the 0.0.0.0/8 address range through a blueprint configuration file or CLI flag. A successful...