CVE-2026-41349 OpenClaw < 2026.3.28 - Agentic Consent Bypass via config.patch

OpenClaw before 2026.3.28 contains an agentic consent bypass vulnerability allowing LLM agents to silently disable execution approval via config.patch parameter. Remote attackers can exploit this to bypass security controls and execute unauthorized operations without user consent...

OpenBao allows cancellation of root rekey and recovery rekey operations without authentication

Impact OpenBao and HashiCorp Vault allowed an attacker to perform unauthenticated, unaudited cancellation of root rekey and recovery rekey operations, effecting a denial of service. Patches In OpenBao v2.2.2 and later, manually setting the configuration option disableunauthedrekeyendpoints=true...

GHSA-PRPJ-RCHP-9J5H OpenBao allows cancellation of root rekey and recovery rekey operations without authentication

Impact OpenBao and HashiCorp Vault allowed an attacker to perform unauthenticated, unaudited cancellation of root rekey and recovery rekey operations, effecting a denial of service. Patches In OpenBao v2.2.2 and later, manually setting the configuration option disableunauthedrekeyendpoints=true...

CVE-2025-52894

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. OpenBao before v2.3.0 allowed an attacker to perform unauthenticated, unaudited cancellation of root rekey and recovery rekey operations, effecting a denial of...

openSUSE Security Update : phpMyAdmin (openSUSE-2012-18)

update to 3.4.9 - bug 3442028 edit Inline editing enum fields with null shows no dropdown - bug 3442004 interface DB suggestion not correct for user with underscore - bug 3438420 core Magic quotes removed in PHP 5.4 - bug 3398788 session No feedback when result is empty signon authtype - bug...