1872 matches found
CVE-2026-32988 OpenClaw < 2026.3.11 - Sandbox Boundary Bypass via Unvalidated Temporary File Creation
OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in fs-bridge staged writes where temporary file creation and population are not pinned to a verified parent directory. Attackers can exploit a race condition in parent-path alias changes to write attacker-controlled bytes...
CVE-2026-32988
OpenClaw before 2026.3.11 contains a sandbox boundary bypass in fs-bridge staged writes: temporary file creation and population are not pinned to a verified parent directory, enabling a race between parent-path alias changes and the final guarded replace step. This could allow attacker-controlled...
CVE-2026-32977
OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in the fs-bridge writeFile commit step that uses an unanchored container path during the final move operation. An attacker can exploit a time-of-check-time-of-use race condition by modifying parent paths inside the sandbox...
CVE-2026-21716
An incomplete fix for CVE-2024-36137 leaves FileHandle.chmod and FileHandle.chown in the promises API without the required permission checks, while their callback-based equivalents fs.fchmod, fs.fchown were correctly patched. As a result, code running under --permission with restricted...
Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1495)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1495 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix null-deref in aggdequeue CVE-2025-40083 In the Linux kernel, the following vulnerability has been...
Important: kernel6.12
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix null-deref in aggdequeue CVE-2025-40083 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix memory leak of qgrouplist in btrfsaddqgrouprelation CVE-2025-40209 In t...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization via FileHandle.chmod or FileHandle.chown functions which can use a "read-only" file descriptor to change the owner and permissions of a file. Notes: - This is only exploitable for users using the experimental...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization via the fs.realpathSync.native function. An attacker running malicious code within a restricted Node.js environment where --allow-fs-read is intentionally limited can exploit this missing check to verify file...
kernel security update
3.10.0-1160.119.1.0.19 - ext4: fix use-after-free in ext4orphancleanup CVE-2022-50673 Orabug: 39036029 - Squashfs: check return result of sbminblocksize CVE-2025-38415 Orabug: 39036029 - atm: clip: Fix infinite recursive call of clippush. CVE-2025-38459 Orabug: 39036029 - usb: core: config: Preve...
IMAPServer (=0.1.0), OpenDataSH_twitter_notifier (>=0.1.0 <=0.1.2) +1891 more potentially affected by unknown CVE via tokio-fs (>=0.1.7 <=0.2.0-alpha.6)
tokio-fs CARGO version =0.1.7, =0.1.0, =0.2.0, =0.5.3, =0.2.1, =0.1.0, =0.4.0, =0.0.1, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.3.0, =0.1.0, =0.7.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0061...
RUSTSEC-2026-0061 `tokio-fs` is unmaintained
The tokio-fs crate is unmaintained. It was part of the Tokio 0.1 ecosystem and has been superseded by the main tokio crate...
`tokio-fs` is unmaintained
The tokio-fs crate is unmaintained. It was part of the Tokio 0.1 ecosystem and has been superseded by the main tokio crate...
BIT-CEPH-2025-52555 CephFS Permission Escalation Vulnerability in Ceph Fuse mounted FS
Ceph is a distributed object, block, and file storage platform. In versions 17.2.7, 18.2.1 through 18.2.4, and 19.0.0 through 19.2.2, an unprivileged user can escalate to root privileges in a ceph-fuse mounted CephFS by chmod 777 a directory owned by root to gain access. The result of this is tha...
GHSA-XVX8-77M6-GWG6 OpenClaw: Sandbox `writeFile` commit could race outside the validated path
Summary In affected versions of openclaw, the sandbox fs-bridge writeFile commit step used an unanchored container path during the final move into place. An attacker racing parent-path changes inside the sandbox could redirect the committed file outside the validated sandbox path. Impact This is ...
Files or Directories Accessible to External Parties
Overview Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties via the dev server configuration when server.fs.strict is set to false. An attacker can access sensitive files on the host system by sending crafted requests to the development server...
PT-2026-24182
Name of the Vulnerable Software and Affected Versions LiquidJS versions prior to 10.25.0 Description The layout, render, and include tags are susceptible to arbitrary file access through absolute paths. This can occur when paths are provided as string literals or through Liquid variables,...
The vulnerability of the fs/fuse component in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the fs/fuse component in Linux operating systems is related to errors during thread blocking. Exploiting this vulnerability can allow an attacker to cause a service failure...
kernel security update
4.18.0-553.111.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
CVE-2026-28697 Craft Affected by Authenticated RCE via "craft.app.fs.write()" in Twig Templates
Craft is a content management system CMS. Prior to 4.17.0-beta.1 and 5.9.0-beta.1, an authenticated administrator can achieve Remote Code Execution RCE by injecting a Server-Side Template Injection SSTI payload into Twig template fields e.g., Email Templates. By calling the craft.app.fs.write...
Security Bulletin: Vulnerabilities in tar-fs-2.1.1.tgz affecting MongoDB Enterprised Advanced (CVE-2025-59343)
Summary There is a vulnerability in tar-fs-2.1.1.tgz used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-59343. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2025-59343 DESCRIPTION: tar-fs provides filesystem bindings for tar-stream. Versions prior to 3.1.1,...