CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/03/19 2:16 a.m.•4 views

CVE-2026-31995

OpenClaw versions 2026.1.21 prior to 2026.2.19 contain a command injection vulnerability in the Lobster extension's Windows shell fallback mechanism that allows attackers to inject arbitrary commands through tool-provided arguments. When spawn failures trigger shell fallback with shell: true,...

7CVSS0.00525EPSS

OSV•added 2026/03/19 2:16 a.m.•1 views

CVE-2026-31995

7CVSS6.1AI score

Cvelist•added 2026/03/19 1:0 a.m.•19 views

CVE-2026-32000 OpenClaw < 2026.2.19 - Command Injection via Windows Shell Fallback in Lobster Tool Execution

7.1CVSS0.00618EPSS

ATTACKERKB•added 2026/03/19 1:0 a.m.•1 views

CVE-2026-32000

6.3CVSS6.2AI score0.00618EPSS

ATTACKERKB•added 2026/03/19 1:0 a.m.•1 views

CVE-2026-31995

5.8CVSS6AI score0.00525EPSS

Exploits0References4Affected Software1

CVE•added 2026/03/19 1:0 a.m.•10 views

CVE-2026-31995

OpenClaw is affected: versions 2026.1.21 up to 2026.2.18 include a command injection in the Lobster extension’s Windows shell fallback mechanism. When spawn failures trigger shell: true and arguments are provided by the workflow, cmd.exe command interpretation can be exploited to execute arbitrar...

7CVSS6AI score0.00525EPSS

Exploits0References3Affected Software1

SUSE CVE•added 2026/03/19 12:30 a.m.•4 views

SUSE CVE-2025-71269

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not free data reservation in fallback from inline due to -ENOSPC If we fail to create an inline extent due to -ENOSPC, we will attempt to go through the normal COW path, reserve an extent, create an ordered extent, etc...

4.7CVSS5.6AI score0.00114EPSS

Exploits0References16

CNNVD•added 2026/03/19 12:0 a.m.•2 views

OpenClaw 代码问题漏洞

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a code issue vulnerability that is caused by an arbitrary shell execution flaw in the shell environment fallback. An attacker can exploit the vulnerability to execute arbitrary commands on the system...

7.8CVSS6.3AI score0.00127EPSS

EUVD•added 2026/03/18 6:31 p.m.•0 views

EUVD-2025-208842

5.7AI score0.00114EPSS

NVD•added 2026/03/18 6:16 p.m.•3 views

CVE-2025-71269

5.5CVSS0.00114EPSS

UbuntuCve•added 2026/03/18 6:16 p.m.•3 views

CVE-2025-71269

OSV•added 2026/03/18 6:16 p.m.•4 views

UBUNTU-CVE-2025-71269

Cvelist•added 2026/03/18 5:40 p.m.•16 views

CVE-2025-71269 btrfs: do not free data reservation in fallback from inline due to -ENOSPC

0.00114EPSS

ATTACKERKB•added 2026/03/18 5:40 p.m.•4 views

CVE-2025-71269

5.7AI score0.00114EPSS

Exploits0References6Affected Software1

CVE•added 2026/03/18 5:40 p.m.•11 views

CVE-2025-71269

In CVE-2025-71269, the Linux kernel fixes a data-reservation handling bug in Btrfs: when inline extents fail due to -ENOSPC, the code previously freed the reserved qgroup data unconditionally. The fix updates __cow_file_range_inline() to free reserved qgroup data only if the fallback path is not ...

Exploits0References5Affected Software1

OSV•added 2026/03/18 5:40 p.m.•3 views

CVE-2025-71269 btrfs: do not free data reservation in fallback from inline due to -ENOSPC

Tenable Nessus•added 2026/03/18 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2025-71269

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: do not free data reservation in fallback from inline due to -ENOSPC If we fail to create an inline extent due to -ENOSPC, we will attempt to go through t...

5.5CVSS5.8AI score0.00114EPSS