CVE-2026-32038 OpenClaw - Sandbox Network Isolation Bypass via docker.network=container Parameter

OpenClaw before 2026.2.24 contains a sandbox network isolation bypass vulnerability that allows trusted operators to join another container's network namespace. Attackers can configure the docker.network parameter with container: values to reach services in target container namespaces and bypass...

CVE-2026-32038

OpenClaw before 2026.2.24 contains a sandbox network isolation bypass vulnerability that allows trusted operators to join another container's network namespace. Attackers can configure the docker.network parameter with container: values to reach services in target container namespaces and bypass...

CVE-2026-32038

OpenClaw before 2026.2.24 contains a sandbox network isolation bypass allowing a trusted operator to join another container’s network namespace by configuring the docker.network parameter with container: values. This enables access to services in the target container namespaces and bypasses netwo...

CVE-2026-32747

SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the globalCopyFiles API eads source files using filepath.Abs with no workspace boundary check, relying solely on util.IsSensitivePath whose blocklist omits /proc/, /run/secrets/, and home directory dotfiles. An admin c...

CVE-2026-32749 SiYuan importSY/importZipMd: Path Traversal via multipart filename enables arbitrary file write

SiYuan is a personal knowledge management system. In versions 3.6.0 and below, POST /api/import/importSY and POST /api/import/importZipMd write uploaded archives to a path derived from the multipart filename field without sanitization, allowing an admin to write files to arbitrary locations outsi...

CVE-2026-32747 SiYuan: Incomplete sensitive path blocklist in globalCopyFiles allows reading /proc and Docker secrets

SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the globalCopyFiles API eads source files using filepath.Abs with no workspace boundary check, relying solely on util.IsSensitivePath whose blocklist omits /proc/, /run/secrets/, and home directory dotfiles. An admin c...

CVE-2026-32747 SiYuan: Incomplete sensitive path blocklist in globalCopyFiles allows reading /proc and Docker secrets

SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the globalCopyFiles API eads source files using filepath.Abs with no workspace boundary check, relying solely on util.IsSensitivePath whose blocklist omits /proc/, /run/secrets/, and home directory dotfiles. An admin c...

ROS-20260319-73-0008

A vulnerability in the indocker plugin of the extractname function of the Fluent Bit log collection and processing tool is related to a stacked buffer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

openSUSE 16 Security Update : docker-stable (openSUSE-SU-2026:20366-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20366-1 advisory. - CVE-2025-58181: Fixed unbounded memory consumption. bsc1253904 - CVE-2025-30204: Fixed a bug in jwt-go which allows excessive memory allocatio...

Exploit for Deserialization of Untrusted Data in Apache Activemq

Security Engineer — Test Task A self-contained Docker environ...

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 — Apache HTTP Server 2.4.49 Path Traversal / RC...

Heimdall: Path received via Envoy gRPC corrupted when containing query string

Summary When using heimdall in envoy gRPC decision API mode, wrong encoding of the query URL string allows rules with non-wildcard path expressions to be bypassed. The HTTP based decision API is NOT affected, and proxy mode is NOT affected either. Note: The issue can only lead to unintended acces...

Exploit for CVE-2026-32746

autohack Autonomous security research framework. Inspired by...

Malicious code in aboba-docker-check (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26f70d5c9dc1e1da906b5cf42b16c19dcfdb4d626d01b055abfe97d2d7e0c69a The package aboba-docker-check was found to contain malicious code...

MAL-2026-1644 Malicious code in aboba-docker-check (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26f70d5c9dc1e1da906b5cf42b16c19dcfdb4d626d01b055abfe97d2d7e0c69a The package aboba-docker-check was found to contain malicious code...

PT-2026-26217

Name of the Vulnerable Software and Affected Versions NLTK versions 3.9.3 and prior Description NLTK Natural Language Toolkit contains a reflected cross-site scripting XSS issue in the lookup ... route of nltk.app.wordnet app. A crafted lookup URL can inject arbitrary HTML/JavaScript into the...

Security update for docker-stable (important)

openSUSE security update: security update for docker-stable ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20366-1 Rating: important References: bsc1240513 bsc1253904 bsc1254206 Cross-References: CVE-2025-30204 CVE-2025-58181 CVSS scores:...

Exploit for Code Injection in Vmware Spring_Framework

CVE-2022-22965 · Spring4Shell 취약점 교육 실습 ⚠️ 경고 Warning...

Huawei EulerOS: Security Advisory for docker-runc (EulerOS-SA-2026-1603)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for docker-runc (EulerOS-SA-2026-1575)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...