CVE-2026-43578

OpenClaw 2026.3.31 before 2026.4.10 is affected by a privilege-escalation vulnerability in which heartbeat owner downgrade detection misses local background async exec completion events. Attackers can provide untrusted completion content to leave a run in a more privileged context than intended. ...

CVE-2026-43578 OpenClaw 2026.3.31 < 2026.4.10 - Privilege Escalation via Missed Async Exec Completion Events in Heartbeat Owner Downgrade

OpenClaw versions 2026.3.31 before 2026.4.10 contain a privilege escalation vulnerability where heartbeat owner downgrade detection misses local background async exec completion events. Attackers can exploit this by providing untrusted completion content to leave a run in a more privileged contex...

CVE-2026-43578 OpenClaw 2026.3.31 < 2026.4.10 - Privilege Escalation via Missed Async Exec Completion Events in Heartbeat Owner Downgrade

OpenClaw versions 2026.3.31 before 2026.4.10 contain a privilege escalation vulnerability where heartbeat owner downgrade detection misses local background async exec completion events. Attackers can exploit this by providing untrusted completion content to leave a run in a more privileged contex...

PT-2026-38233

Name of the Vulnerable Software and Affected Versions OpenClaw versions 2026.3.31 through 2026.4.9 Description A privilege escalation issue exists where heartbeat owner downgrade detection fails to identify local background async exec completion events. This allows attackers to provide untrusted...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from race conditions during the processing of AR response events. This vulnerability may cause errors when...

Linux Kernel Security Vulnerabilities

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of the return value of iopolladd. This vulnerability may lead to the loss of...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the possibility that RDMA bnxtre may process completion events even after destroying QPs, potentially leadin...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a memory corruption when processing image encoding completion events...

CVE-2025-39790

CVE-2025-39790 : In the Linux kernel, the bus: mhi: host implementation could mis-handle completion events when a device points a TRE pointer ahead of the host’s ring read pointer, enabling a window where a stale TRE is read and its buffer freed twice. The published description documents that thi...

UBUNTU-CVE-2025-21892

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix the recovery flow of the UMR QP This patch addresses an issue in the recovery flow of the UMR QP, ensuring tasks do not get stuck, as highlighted by the call trace 1. During recovery, before transitioning the QP to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from ignoring multiple connection completion events, which could lead to memory corruption...

PT-2024-30730

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the handling of CEQEs in the interrupt handler, which can cause the CPU core to stay in interrupt context too long and lead to soft lockup under heavy load. To...