CVE-2026-35633 OpenClaw < 2026.3.22 - Unbounded Memory Allocation via Remote Media Error Responses

OpenClaw before 2026.3.22 contains an unbounded memory allocation vulnerability in remote media HTTP error handling that allows attackers to trigger excessive memory consumption. Attackers can send crafted HTTP error responses with large bodies to remote media endpoints, causing the application t...

CVE-2026-5187

Two potential heap out-of-bounds write locations existed in DecodeObjectId in wolfcrypt/src/asn.c. First, a bounds check only validates one available slot before writing two OID arc values out0 and out1, enabling a 2-byte out-of-bounds write when outSz equals 1. Second, multiple callers pass...

CVE-2026-5187

Two potential heap out-of-bounds write locations existed in DecodeObjectId in wolfcrypt/src/asn.c. First, a bounds check only validates one available slot before writing two OID arc values out0 and out1, enabling a 2-byte out-of-bounds write when outSz equals 1. Second, multiple callers pass...

CVE-2026-34941

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime contains a vulnerability where when transcoding a UTF-16 string to the latin1+utf16 component-model encoding it would incorrectly validate the byte length of the input string when performing a bounds chec...

CVE-2026-34941 Wasmtime has a Heap OOB read in component model UTF-16 to latin1+utf16 string transcoding

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime contains a vulnerability where when transcoding a UTF-16 string to the latin1+utf16 component-model encoding it would incorrectly validate the byte length of the input string when performing a bounds chec...

EUVD-2026-20918

An out-of-bounds read vulnerability exists in the DecodePsmctRle1 function of DicomImageDecoder.cpp. The PMSCTRLE1 decompression routine, which decodes the proprietary Philips Compression format, does not properly validate escape markers placed near the end of the compressed data stream. A crafte...

DEBIAN-CVE-2026-5441

An out-of-bounds read vulnerability exists in the DecodePsmctRle1 function of DicomImageDecoder.cpp. The PMSCTRLE1 decompression routine, which decodes the proprietary Philips Compression format, does not properly validate escape markers placed near the end of the compressed data stream. A crafte...

OPENSUSE-SU-2026:20499-1 Security update for ovmf

This update for ovmf fixes the following issue: - CVE-2025-59438: mbedtls: padding oracle attack possible through timing of cipher error reporting bsc1252441...

Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.53 fixes various security issues The following security issues were fixed: CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689...

SUSE-SU-2026:21060-1 Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-28.1 fixes various security issues The following security issues were fixed: - CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. - CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689. -...

SUSE-SU-2026:21058-1 Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues The following security issues were fixed: - CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. - CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689. -...

SUSE-SU-2026:21087-1 Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-33.1 fixes various security issues The following security issues were fixed: - CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. - CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689. -...

SUSE-SU-2026:21055-1 Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-32.1 fixes various security issues The following security issues were fixed: - CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. - CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689. -...

SUSE-SU-2026:21081-1 Security update for the Linux Kernel RT (Live Patch 15 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-39.1 fixes various security issues The following security issues were fixed: - CVE-2025-71120: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf bsc1256780. - CVE-2026-22999: net/sched: schqfq: do not free...

SUSE-SU-2026:21050-1 Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-25.1 fixes various security issues The following security issues were fixed: - CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. - CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689. -...

SUSE-SU-2026:21047-1 Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes various security issues The following security issues were fixed: - CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. - CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689. -...

SUSE-SU-2026:21075-1 Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-32.1 fixes various security issues The following security issues were fixed: - CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. - CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689. -...

SUSE-SU-2026:21042-1 Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues The following security issues were fixed: - CVE-2025-40159: xsk: Harden userspace-supplied xdpdesc validation bsc1253404. - CVE-2025-71120: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in...

SUSE-SU-2026:21073-1 Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-35.1 fixes various security issues The following security issues were fixed: - CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. - CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689. -...

SUSE-SU-2026:21005-1 Security update for the Linux Kernel RT (Live Patch 4 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.9.1 fixes various security issues The following security issues were fixed: - CVE-2025-71120: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf bsc1256780. - CVE-2026-22999: net/sched: schqfq: do not fre...