EUVD-2026-25318

OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that fails to properly enforce pixel-limit guards on sips. Attackers can exploit this by uploading oversized images to cause denial of service through excessive memory consumption...

CVE-2026-41334

OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that fails to properly enforce pixel-limit guards on sips. Attackers can exploit this by uploading oversized images to cause denial of service through excessive memory consumption...

CVE-2026-41334 OpenClaw < 2026.3.31 - Decompression Bomb Denial of Service via Image Pixel-Limit Guard Bypass

OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that fails to properly enforce pixel-limit guards on sips. Attackers can exploit this by uploading oversized images to cause denial of service through excessive memory consumption...

CVE-2026-41334

OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that fails to properly enforce pixel-limit guards on sips. Attackers can exploit this by uploading oversized images to cause denial of service through excessive memory consumption...

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.31 contained security vulnerabilities. These vulnerabilities stemmed from a decompression bomb vulnerability in image processing, which failed to properly execute pixel limit...

PT-2026-34765

OpenClaw before 2026.3.31 contains a decompression bomb vulnerability in image processing that fails to properly enforce pixel-limit guards on sips. Attackers can exploit this by uploading oversized images to cause denial of service through excessive memory consumption...

Important: Red Hat Security Advisory: libarchive security update

An update for libarchive is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

Important: Red Hat Security Advisory: libarchive security update

An update for libarchive is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update a...

RockyLinux 9 : libarchive (RLSA-2026:8510)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:8510 advisory. libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing CVE-2026-4424 libarchive: libarchive: Arbitrary code...

OESA-2026-1916 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

RLSA-2026:7682 Important: openexr security update

OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fixes:...

Important: Red Hat Security Advisory: libarchive security update

An update for libarchive is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

RHEL 8 : libarchive (RHSA-2026:8521)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:8521 advisory. The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660...

ALSA-2026:8534 Important: libarchive security update

The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file...

SUSE CVE-2026-33908

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, Magick frees the memory of the XML tree via the DestroyXMLTree function; however, this process is executed recursively with no depth limit imposed. When...

CVE-2026-6384

A flaw was found in gimp. This buffer overflow vulnerability in the GIF image loading component's ReadJeffsImage function allows an attacker to write beyond an allocated buffer by processing a specially crafted GIF file. This can lead to a denial of service or potentially arbitrary code execution...

Out-of-bounds Write

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Heap-based Buffer Overflow

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the magnify when an unrecognized magnify:method value is provided. An attacker can cause a denial of service by triggering an out-of-bounds read during image processing. Remediation A fix was pushed into t...

Heap-based Buffer Overflow

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...