8286 matches found
CVE-2026-27524 OpenClaw < 2026.2.21 - Prototype Pollution via Debug Override Path
OpenClaw versions prior to 2026.2.21 accept prototype-reserved keys in runtime /debug set override object values, allowing prototype pollution attacks. Authorized /debug set callers can inject proto, constructor, or prototype keys to manipulate object prototypes and bypass command gate restrictio...
CVE-2026-27524
OpenClaw before version 2026.2.21 is vulnerable to prototype pollution via the runtime /debug set override path. Authorized /debug set callers can inject critical keys (proto , constructor, prototype) to modify object prototypes and bypass command gate restrictions, as described across CVE-2026-2...
EUVD-2026-12736
OpenClaw versions prior to 2026.2.21 accept prototype-reserved keys in runtime /debug set override object values, allowing prototype pollution attacks. Authorized /debug set callers can inject proto, constructor, or prototype keys to manipulate object prototypes and bypass command gate restrictio...
PT-2026-26133
Dell Integrated Dell Remote Access Controller 9, 14G versions prior to 7.00.00.174, 15G and 16G versions prior to 7.10.90.00, contain an Exposure of Sensitive System Information Due to Uncleared Debug Information vulnerability. A high privileged attacker with remote access could potentially explo...
GHSA-R7VR-GR74-94P8 OpenClaw: Command-authorized non-owners could reach owner-only `/config` and `/debug` surfaces
Summary OpenClaw documented /config and /debug as owner-only commands, but the command handlers checked only whether the sender was command-authorized. A lower-trust sender who was intentionally allowed to run commands could still reach privileged configuration and debugging surfaces. Impact This...
OpenClaw: Command-authorized non-owners could reach owner-only `/config` and `/debug` surfaces
Summary OpenClaw documented /config and /debug as owner-only commands, but the command handlers checked only whether the sender was command-authorized. A lower-trust sender who was intentionally allowed to run commands could still reach privileged configuration and debugging surfaces. Impact This...
OPENSUSE-SU-2026:20361-1 Security update for osc, obs-scm-bridge
This update for osc, obs-scm-bridge fixes the following issues: Changes in osc: - 1.24.0 - Command-line: - Add '--target-owner' option to 'git-obs repo fork' command - Add '--self' parameter to fix 'no matching parent repo' error message in 'git-obs pr create' - Fix 'osc aggregatepac' for scmsync...
SUSE CVE-2025-69648
GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF .debugrnglists data. A logic flaw in the DWARF parsing path causes readelf to repeatedly print the same warning message without making forward progress, resulting in a...
SUSE CVE-2025-69652
GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort SIGABRT when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in processdebuginfo, an invalid debuginfop state may propagate into DWARF attribute parsing...
Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. A logic error in the handling of DWARF compilation units can result in an invalid offset_size value being used inside byte_get_little_endian, leading to an abort (SIGABRT). The issue was observed in binutils 2.44. A local attacker can trigger the crash by supplying a malicious input file.
...
Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug_rnglists data. A logic error in the handling of the debug_rnglists header can cause objdump to repeatedly print the same warning message and fail to terminate, resulting in an unbounded logging loop until the process is interrupted. The issue was observed in binutils 2.44. A local attacker can exploit this vulnerability by supplying a malicious input file, leading to excessive CPU and I/O usage and preventing completion of the objdump analysis.
...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization in AuthorizeDebugRequest function, which handles requests to the HTTP debug endpoints on port 15014. An attacker can gain unauthorized access to protected services by sending requests with multiple header values...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization in AuthorizeDebugRequest function, which handles requests to the HTTP debug endpoints on port 15014. An attacker can gain unauthorized access to protected services by sending requests with multiple header values...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization in AuthorizeDebugRequest function, which handles requests to the HTTP debug endpoints on port 15014. An attacker can gain unauthorized access to protected services by sending requests with multiple header values...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization in AuthorizeDebugRequest function, which handles requests to the HTTP debug endpoints on port 15014. An attacker can gain unauthorized access to protected services by sending requests with multiple header values...
CVE-2026-31838 Istio HTTP debug endpoints on port 15014 to enforce namespace-based authorization, preventing cross-namespace proxy data access.
Istio is an open platform to connect, manage, and secure microservices. Prior to 1.29.1, 1.28.5, and 1.27.8, a vulnerability in Envoy RBAC header matching could allow authorization policy bypass when policies rely on HTTP headers that may contain multiple values. An attacker could craft requests...
CVE-2026-31838 Istio HTTP debug endpoints on port 15014 to enforce namespace-based authorization, preventing cross-namespace proxy data access.
Istio is an open platform to connect, manage, and secure microservices. Prior to 1.29.1, 1.28.5, and 1.27.8, a vulnerability in Envoy RBAC header matching could allow authorization policy bypass when policies rely on HTTP headers that may contain multiple values. An attacker could craft requests...
CVE-2025-69648
A flaw was found in binutils. Processing a specially crafted ELF binary file containing malformed DWARF .debugrnglists data with the readelf program can trigger an infinite loop and result in a denial of service. Mitigation To mitigate this vulnerability, do not process untrusted, unverified or...
Infinite loop
Overview Affected versions of this package are vulnerable to Infinite loop in the debugrnglists function. An attacker can cause the application to enter a non-terminating output loop by supplying a crafted binary with malformed DWARF, resulting in repeated warning messages and requiring manual...
EUVD-2025-208414
GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF .debugrnglists data. A logic flaw in the DWARF parsing path causes readelf to repeatedly print the same warning message without making forward progress, resulting in a...