CVE-2026-32882

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay in libheif/pixelimage.cc. When compositing an overlay image iovl whose child image has a different bit depth for the alpha channel than for the color...

DEBIAN-CVE-2026-32882

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay in libheif/pixelimage.cc. When compositing an overlay image iovl whose child image has a different bit depth for the alpha channel than for the color...

EUVD-2026-30981

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay in libheif/pixelimage.cc. When compositing an overlay image iovl whose child image has a different bit depth for the alpha channel than for the color...

PT-2026-42007

Name of the Vulnerable Software and Affected Versions libheif versions prior to 1.22.0 Description A heap buffer over-read exists in the HeifPixelImage::overlay function within libheif/pixelimage.cc. This occurs when compositing an overlay image where the child image uses a different bit depth fo...

CVE-2026-27183 OpenClaw < 2026.3.7 - Shell Approval Gating Bypass via Dispatch Wrapper Depth Mismatch

OpenClaw versions prior to 2026.3.7 contain a shell approval gating bypass vulnerability in system.run dispatch-wrapper handling that allows attackers to skip shell wrapper approval requirements. The approval classifier and execution planner apply different depth-boundary rules, permitting exactl...

CVE-2026-27183

OpenClaw vulnerable up to 2026.3.6. The issue lies in system.run dispatch-wrapper handling where the approval classifier and execution planner use different depth-boundary rules, allowing exactly four transparent dispatch wrappers before /bin/sh -c and bypassing the shell approval gating. This mi...

CVE-2026-27183 OpenClaw < 2026.3.7 - Shell Approval Gating Bypass via Dispatch Wrapper Depth Mismatch

OpenClaw versions prior to 2026.3.7 contain a shell approval gating bypass vulnerability in system.run dispatch-wrapper handling that allows attackers to skip shell wrapper approval requirements. The approval classifier and execution planner apply different depth-boundary rules, permitting exactl...

OpenClaw 安全漏洞

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an authentication bypass vulnerability caused by a /api/channels route classification flaw due to a mismatch in the depth of normalization between authentication path classification and route path...

UBUNTU-CVE-2022-48998

In the Linux kernel, the following vulnerability has been resolved: powerpc/bpf/32: Fix Oops on tail call tests testbpf tail call tests end up as: testbpf: 0 Tail call leaf jited:1 85 PASS testbpf: 1 Tail call 2 jited:1 111 PASS testbpf: 2 Tail call 3 jited:1 145 PASS testbpf: 3 Tail call 4 jited...

SUSE CVE-2015-4512

gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux improperly attempts to use the Cairo library with 32-bit color-depth surface creation followed by 16-bit color-depth surface display, which allows remote attackers to obtain sensitive information from process memory or cause a...

DEBIAN-CVE-2013-2277

The ffh264decodeseqparameterset function in h264ps.c in libavcodec in FFmpeg before 1.1.3 does not validate the relationship between luma depth and chroma depth, which allows remote attackers to cause a denial of service out-of-bounds array access and application crash or possibly have unspecifie...