10 matches found
EUVD-2026-21970
A vulnerability in the TFSMLayer class of the keras package, version 3.13.0, allows attacker-controlled TensorFlow SavedModels to be loaded during deserialization of .keras models, even when safe_mode=True. This bypasses the security guarantees of safe_mode and enables arbitrary attacker-controlled...
CVE-2025-10010
The CPSD CryptoPro Secure Disk application boots a small Linux operating system to perform user authentication before using BitLocker to decrypt the Windows partition. The system is located on a separate unencrypted partition which can be reached by anyone with access to the hard disk. Multiple...
CVE-2026-27002 OpenClaw: Docker container escape via unvalidated bind mount config injection
OpenClaw is a personal AI assistant. Prior to version 2026.2.15, a configuration injection issue in the Docker tool sandbox could allow dangerous Docker options (bind mounts, host networking, unconfined profiles) to be applied, enabling container escape or host data access. OpenClaw 2026.2.15 block...
CVE-2026-0757
MCP Manager for Claude Desktop execute-command Command Injection Sandbox Escape Vulnerability. This vulnerability allows remote attackers to bypass the sandbox on affected installations of MCP Manager for Claude Desktop. User interaction is required to exploit this vulnerability in that the targe...
CVE-2026-0757
MCP Manager for Claude Desktop contains a sandbox-escape command injection vulnerability (CVE-2026-0757). The flaw lies in processing of MCP config objects where an unvalidated user-supplied string is used to invoke a system call, allowing an attacker to escape the sandbox and execute arbitrary c...
CLSA-2025-1766488019 kernel: Fix of 63 CVEs
scsi: target: iscsi: Fix timeout on deleted connection CVE-2025-38075 - tls: wait for pending async decryptions if tls_strp_msg_hold fails CVE-2025-40176 - clone_private_mnt: make sure that caller has CAP_SYS_ADMIN in the right userns CVE-2025-38499 - rcu: Fix rcu_read_unlock deadloop due to IRQ work...
Apache Kafka Client security vulnerability
Apache Kafka Client is a Kafka client from the Apache USA Foundation. A security vulnerability exists in Apache Kafka Client that stems from insufficient validation of configuration data, which could lead to arbitrary file reads and server-side request forgery...
DEBIAN-CVE-2022-45132
In Linaro Automated Validation Architecture (LAVA) before 2022.11.1, remote code execution can be achieved through a user-submitted Jinja2 template. The REST API endpoint for validating device configuration files in lava-server loads input as a Jinja2 template in a way that can be used to trigger...
CVE-2021-30166
The NTP Server configuration function of the IP camera device does not verify special parameters. Remote attackers can perform a command injection attack and execute arbitrary commands after logging in with privileged permissions...
CVE-2017-1000256
libvirt version 2.3.0 and later is vulnerable to a bad default configuration of "verify-peer=no" passed to QEMU by libvirt resulting in a failure to validate SSL/TLS certificates by default...