OpenClaw shell-env fallback trusted startup env and could execute attacker-influenced login-shell paths

Summary OpenClaw shell-env fallback trusted startup environment values and could execute attacker-influenced login-shell startup paths before loading env keys. Affected Packages / Versions - Package: openclaw npm - Affected versions: = 2026.1.5 and = 2026.2.21-2 - Fixed on main:...

UBUNTU-CVE-2014-10070

zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment instead of treating them as literal numbers. That could allow local privilege escalation, under some specific and atypical conditions where zsh is being invoked in privilege-elevation...