Time-of-check Time-of-use (TOCTOU) Race Condition

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition in the readFile process of the remote file system bridge due to a time-of-check to time-of-use TOCTOU race condition. An attacker can gain...

OpenClaw: Sandbox escape via TOCTOU race in remote FS bridge readFile

Summary Sandbox escape via TOCTOU race in remote FS bridge readFile Current Maintainer Triage - Normalized severity: critical - Assessment: v2026.3.28 remote sandbox reads still do path-check then separate file read, so the TOCTOU sandbox escape remains present in the latest shipped tag. Affected...

Arbitrary File Upload

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Arbitrary File Upload via the Mirror Sync process. An attacker can escape the intended sandbox and gain unauthorized access to files outside the designated directory by exploiting...

GHSA-CWF8-44X6-32C2 OpenClaw: OpenShell Mirror Sync — Sandbox Escape via Unrestricted File Sync + Symlink Traversal

Summary OpenShell Mirror Sync: Sandbox Escape via Unrestricted File Sync + Symlink Traversal Current Maintainer Triage - Status: narrow - Normalized severity: high - Assessment: v2026.3.28 still has the mirror-boundary bug because shipped c02ee8 only excluded hooks while unreleased 3b9dab is the...

OpenClaw: OpenShell Mirror Sync — Sandbox Escape via Unrestricted File Sync + Symlink Traversal

Summary OpenShell Mirror Sync: Sandbox Escape via Unrestricted File Sync + Symlink Traversal Current Maintainer Triage - Status: narrow - Normalized severity: high - Assessment: v2026.3.28 still has the mirror-boundary bug because shipped c02ee8 only excluded hooks while unreleased 3b9dab is the...

OSV-2026-512 Heap-buffer-overflow in g_utf8_get_char

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=498475244 Crash type: Heap-buffer-overflow READ 1 Crash state: gutf8getchar gmarkupescapetext fuzzmarkupescapetext.c...

PT-2026-30283

Impact Links and image links in the default markdown to HTML renderer are not properly escaped. Hugo users who trust their Markdown content or have custom render hooks for links and images are not affected. Patches Patched in v0.159.2 Workarounds Create custom render hooks for links and images in...

Microsoft Edge (Chromium) < 146.0.3856.97 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 146.0.3856.97. It is, therefore, affected by multiple vulnerabilities as referenced in the April 2, 2026 advisory. - Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to...

AlmaLinux 9 : thunderbird (ALSA-2026:6188)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:6188 advisory. firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-4701 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.34...

Ubuntu 22.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-8141-1)

"The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8141-1 advisory. Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these...

EUVD-2024-55528

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges...

EUVD-2025-209197

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.6. An app may be able to break out of its sandbox...

GHSA-V6X5-CG8R-VV6X Rack's multipart header parsing allows Denial of Service via escape-heavy quoted parameters

Summary Rack::Multipart::Parserhandlemimehead parses quoted multipart parameters such as Content-Disposition: form-data; name="..." using repeated Stringindex searches combined with Stringslice! prefix deletion. For escape-heavy quoted values, this causes super-linear processing. An unauthenticat...

Rack's multipart header parsing allows Denial of Service via escape-heavy quoted parameters

Summary Rack::Multipart::Parserhandlemimehead parses quoted multipart parameters such as Content-Disposition: form-data; name="..." using repeated Stringindex searches combined with Stringslice! prefix deletion. For escape-heavy quoted values, this causes super-linear processing. An unauthenticat...

CVE-2024-44250

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges...

CVE-2024-40849

A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.1. An app may be able to break out of its sandbox...

CVE-2025-43257

CVE-2025-43257 affects macOS Sequoia (15.6) with a vulnerability in how symlinks are handled that could allow an app to break out of its sandbox. The issue is fixed in macOS Sequoia 15.6. Other connected sources corroborate a sandbox bypass under macOS Sequoia, but exploitation details are not pr...

CVE-2025-43257

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.6. An app may be able to break out of its sandbox...

CVE-2024-40849

A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.1. An app may be able to break out of its sandbox...

CVE-2024-44250

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges...