Astra Linux - уязвимость в containerd

Containerd is an open-source container runtime. A bug was discovered in the CRI implementation of Containerd, where programs within a container can cause the Containerd daemon to consume memory indefinitely during the invocation of the ExecSync API. This can result in Containerd consuming all...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Check GuC running state before deregistering exec queue In normal operation, a registered exec queue is disabled and deregistered through the GuC, and freed only after the GuC confirms completion. However, if the driv...

CVE-2026-42426

OpenClaw before 2026.4.8 contains an improper authorization vulnerability where the node.pair.approve method accepts operator.write scope instead of the narrower operator.pairing scope, allowing unprivileged users to approve node pairing. Attackers with operator.write permissions can bypass pairi...

CVE-2026-41392

OpenClaw before 2026.3.31 contains an exec allowlist bypass vulnerability allowing attackers to inherit allowlist trust via shell init-file wrapper invocations. Attackers can exploit shell options like --rcfile, --init-file, and --startup-file to load attacker-chosen initialization files while...

CVE-2026-42432

OpenClaw vulnerable component: the node-pairing flow in the OpenClaw npm package allows a previously paired node to reconnect and run exec-capable commands without operator.admin re-pair authentication, enabling local privilege escalation. Affected versions include

EUVD-2026-26128

OpenClaw before 2026.4.8 contains an improper authorization vulnerability where the node.pair.approve method accepts operator.write scope instead of the narrower operator.pairing scope, allowing unprivileged users to approve node pairing. Attackers with operator.write permissions can bypass pairi...

CVE-2026-42426 OpenClaw < 2026.4.8 - Improper Authorization in node.pair.approve via operator.write Scope

OpenClaw before 2026.4.8 contains an improper authorization vulnerability where the node.pair.approve method accepts operator.write scope instead of the narrower operator.pairing scope, allowing unprivileged users to approve node pairing. Attackers with operator.write permissions can bypass pairi...

CVE-2026-41915 OpenClaw < 2026.4.8 - Git Environment Variable Injection via Unfiltered Exec Environment

OpenClaw before 2026.4.8 fails to remove git plumbing environment variables from the execution environment before host exec operations. Attackers can exploit this by setting GITDIR and related variables to redirect git operations and compromise repository integrity...

CVE-2026-41392

OpenClaw before 2026.3.31 contains an exec allowlist bypass vulnerability allowing attackers to inherit allowlist trust via shell init-file wrapper invocations. Attackers can exploit shell options like --rcfile, --init-file, and --startup-file to load attacker-chosen initialization files while...

CVE-2026-41392

OpenClaw has a vulnerability (CVE-2026-41392) where exec allowlist matching can be bypassed by shell init-file wrapper invocations. Affected product: OpenClaw before 2026.3.31. Attack path involves using shell options such as --rcfile, --init-file, and --startup-file to load attacker-controlled i...

EUVD-2026-26100

OpenClaw before 2026.3.31 contains an exec allowlist bypass vulnerability allowing attackers to inherit allowlist trust via shell init-file wrapper invocations. Attackers can exploit shell options like --rcfile, --init-file, and --startup-file to load attacker-chosen initialization files while...

CVE-2026-41390 OpenClaw < 2026.3.28 - Exec Allowlist Bypass via Unregistered /usr/bin/script Wrapper

OpenClaw before 2026.3.28 contains an exec allowlist bypass vulnerability where allow-always persistence fails to unwrap /usr/bin/script and similar wrappers before storing trust decisions. Attackers can obtain user approval for one wrapped command to persist trust for wrapper binaries that execu...

mongo-express Remote Code Execution

mongo-express before 0.54.0 is vulnerable to remote code execution via endpoints that uses the toBSON method and misuse the vm dependency to perform exec commands in a non-safe environment. id: CVE-2019-10758 info: name: mongo-express Remote Code Execution author: princechaddha severity: critical...

PT-2026-35765

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.28 Description An execution approval issue exists in exec-approvals-allowlist.ts where allow-always persistence trusts wrapper carrier executables instead of the actual invoked targets. This allows attackers t...

PT-2026-35804

OpenClaw before 2026.4.8 contains an improper authorization vulnerability where the node.pair.approve method accepts operator.write scope instead of the narrower operator.pairing scope, allowing unprivileged users to approve node pairing. Attackers with operator.write permissions can bypass pairi...

PT-2026-35758

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.31 Description An incomplete host-env-security-policy.json fails to restrict compiler binary environment variables. This allows untrusted models to substitute CC, CXX, CARGO BUILD RUSTC, and CMAKE C COMPILER...

PT-2026-35776

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.31 Description An exec allowlist bypass allows attackers to inherit allowlist trust through shell init-file wrapper invocations. By utilizing shell options such as --rcfile, --init-file, and --startup-file,...

GHSA-695C-X5GC-94GJ Apache camel-coap allows header injection that can lead to remote code execution

Apache Camel's camel-coap component is vulnerable to header injection because it maps CoAP request URI query parameters directly into Camel message headers without applying a HeaderFilterStrategy. An unauthenticated attacker can send a crafted CoAP request to inject arbitrary Camel internal heade...

EUVD-2026-25736

A vulnerability was found in choieastsea simple-openstack-mcp up to 767b2f4a8154cca344344b9725537a58399e6036. The affected element is the function execopenstack of the file server.py. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has...

CVE-2026-7066

A vulnerability was found in choieastsea simple-openstack-mcp up to 767b2f4a8154cca344344b9725537a58399e6036. The affected element is the function execopenstack of the file server.py. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has...