PT-2026-38236

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.10 Description An improper network binding issue exists in the sandbox browser CDP relay, which exposes the Chrome DevTools Protocol on 0.0.0.0. This overly broad binding configuration allows attackers to acce...

NornicDB has Improper Network Binding in its Bolt Server, allowing unauthorized remote access

Summary The --address CLI flag and NORNICDBADDRESS / server.host config key is plumbed through to the HTTP server correctly but never reaches the Bolt server config. The Bolt listener therefore always binds to the wildcard address all interfaces, regardless of what the user configures. On a LAN,...

CVE-2025-31964

Improper service binding configuration in internal service components in HCL BigFix IVR version 4.2 allows a privileged attacker to impact service availability via exposure of administrative services bound to external network interfaces instead of the local authentication interface...

kernel: vsock: Keep the binding until socket destruction

A flaw was found in the Linux kernel's virtual socket protocol network driver, where an improperly timed socket unbinding could result in a use-after-free issue. This flaw allows an attacker who can create and destroy arbitrary connections on virtual connections to read or modify system memory,...

kernel: vsock: Keep the binding until socket destruction

A flaw was found in the Linux kernel's virtual socket protocol network driver, where an improperly timed socket unbinding could result in a use-after-free issue. This flaw allows an attacker who can create and destroy arbitrary connections on virtual connections to read or modify system memory,...