CVE-2026-32050 OpenClaw < 2026.2.25 - Unauthorized Reaction Status Event Enqueue via Access Check Bypass

OpenClaw versions prior to 2026.2.25 contain an access control vulnerability in signal reaction notification handling that allows unauthorized senders to enqueue status events before authorization checks are applied. Attackers can exploit the reaction-only event path in event-handler.ts to queue...

CVE-2026-32050

OpenClaw is affected in versions prior to 2026.2.25. The vulnerability arises in signal reaction notification handling, where an access control failure allows unauthorized senders to enqueue status events before authorization checks are applied. Specifically, the reaction-only event path in event...

EUVD-2026-13947

OpenClaw versions prior to 2026.2.25 contain an access control vulnerability in signal reaction notification handling that allows unauthorized senders to enqueue status events before authorization checks are applied. Attackers can exploit the reaction-only event path in event-handler.ts to queue...

CVE-2026-32028 OpenClaw < 2026.2.25 - Missing Authorization Check in Discord DM Reaction Ingress

OpenClaw versions prior to 2026.2.25 fail to enforce dmPolicy and allowFrom authorization checks on Discord direct-message reaction notifications, allowing non-allowlisted users to enqueue reaction-derived system events. Attackers can exploit this inconsistency by reacting to bot-authored DM...

OpenClaw: Slack interactive callbacks could skip configured sender checks in some shared-workspace flows

Impact In shared Slack workspace deployments that rely on sender restrictions allowFrom, DM policy, or channel user allowlists, some interactive callbacks blockaction, viewsubmission, viewclosed could be accepted before full sender authorization checks. In that scenario, an unauthorized workspace...

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization in the enqueueSystemEvent process. An attacker can add unauthorized reaction status lines to agent contexts by sending specially crafted reaction-only inbound even...

OpenClaw's Signal reaction-only status events could, in limited cases, be enqueued before access checks

Summary In a narrow Signal reaction-notification path, reaction-only inbound events could enqueue a status event before sender access checks were applied. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.2.24 latest published at patch time - Fixed: 2026.2.25 Details In the...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005560)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005560 advisory. In the Linux kernel, the following vulnerability has been resolved: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue When enqueuing the first packet t...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005185)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005185 advisory. In the Linux kernel, the following vulnerability has been resolved: pfifotailenqueue: Drop new packet when sch-limit == 0 Expected behaviour: In case we reach...

ROS-20260114-7322

A vulnerability in the pfifotailenqueue function net/sched/schfifo.c of the Linux operating system kernel is associated with a functionality mismatch according to the specification. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of...

MiracleLinux 7 : kernel-3.10.0-1160.119.1.0.12.el7.AXS7 (AXSA:2025-10504:42)

"The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10504:42 advisory. pfifotailenqueue: Drop new packet when sch-limit == 0 CVE-2025-21702 xfs: add bounds checking to xlogrecoverprocessdata CVE-2024-41014 netfilter:...

PT-2026-27736

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s scheduling logic related to SCHED DEADLINE tasks. Specifically, when a SCHED DEADLINE task changes to a lower priority class using sched setscheduler,...

CVE-2025-68325

In the Linux kernel, the following vulnerability has been resolved: net/sched: schcake: Fix incorrect qlen reduction in cakedrop In cakedrop, qdisctreereducebacklog is used to update the qlen and backlog of the qdisc hierarchy. Its caller, cakeenqueue, assumes that the parent qdisc will enqueue t...

UBUNTU-CVE-2023-53821

In the Linux kernel, the following vulnerability has been resolved: ip6vti: fix slab-use-after-free in decodesession6 When ipv6vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipv6vti device sen...

CVE-2023-53821

In the Linux kernel, the following vulnerability has been resolved: ip6vti: fix slab-use-after-free in decodesession6 When ipv6vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipv6vti device sen...

CVE-2025-12720

The g-FFL Cockpit plugin for WordPress is vulnerable to unauthorized modification of data due to IP-based authorization that can be spoofed in the handleenqueueonly function in all versions up to, and including, 1.7.1. This makes it possible for unauthenticated attackers to delete arbitrary...

CVE-2025-12720

The g-FFL Cockpit plugin for WordPress is vulnerable to unauthorized modification of data due to IP-based authorization that can be spoofed in the handleenqueueonly function in all versions up to, and including, 1.7.1. This makes it possible for unauthenticated attackers to delete arbitrary...

Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2025-21702)

pfifotailenqueue: Drop new packet when sch-limit == 0. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503912; scriptversion"1.2";...

CVE-2025-63929

A null pointer dereference vulnerability exists in airpig2011 IEC104 thru Commit be6d841 2019-07-08. When multiple threads enqueue elements concurrently via IEC10XPrioEnQueue, the function may dereference a null or freed queue pointer, resulting in a segmentation fault and potential...

CVE-2025-63929

A null pointer dereference vulnerability exists in airpig2011 IEC104 thru Commit be6d841 2019-07-08. When multiple threads enqueue elements concurrently via IEC10XPrioEnQueue, the function may dereference a null or freed queue pointer, resulting in a segmentation fault and potential...