
8671 matches found

Vulnrichment
added 2026/04/28 6:09 p.m. | 1 view

CVE-2026-41392 OpenClaw < 2026.3.31 - Exec Allowlist Bypass via Shell Init-File Options

OpenClaw before 2026.3.31 contains an exec allowlist bypass vulnerability allowing attackers to inherit allowlist trust via shell init-file wrapper invocations. Attackers can exploit shell options like --rcfile, --init-file, and --startup-file to load attacker-chosen initialization files while...

6.7 CVSS | 5.2 AI score | 0.00024 EPSS
Exploits 0 | References 3
CVE
added 2026/04/28 5:46 p.m. | 4 views

CVE-2026-24222

NVIDIA NemoClaw vulnerability CVE-2026-24222 affects the sandbox environment initialization component. A remote attacker can cause improper access control by sending prompt-injected content, leading to reading/exfiltrating host environment variables not properly restricted during sandbox creation...

8.6 CVSS | 5.4 AI score | 0.00059 EPSS
Exploits 0 | References 3 | Affected Software 1
EUVD
added 2026/04/28 5:46 p.m. | 1 view

EUVD-2026-26079

NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that causes the agent to read and exfiltrate host environment variables not properly restricted during sandb...

8.6 CVSS | 5.4 AI score | 0.00059 EPSS
Exploits 0 | References 3
ATTACKERKB
added 2026/04/28 5:46 p.m. | 1 view

CVE-2026-24222

NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that causes the agent to read and exfiltrate host environment variables not properly restricted during sandb...

8.6 CVSS | 5.4 AI score | 0.00059 EPSS
Exploits 0 | References 4
Vulnrichment
added 2026/04/28 5:46 p.m. | 1 view

CVE-2026-24222

NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that causes the agent to read and exfiltrate host environment variables not properly restricted during sandb...

8.6 CVSS | 5.4 AI score | 0.00059 EPSS
Exploits 0 | References 3
OSV
added 2026/04/28 5:41 p.m. | 4 views

CLSA-2026-1777396174 perl-XML-Parser: Fix of CVE-2006-10003

CVE-2006-10003: fix off-by-one heap buffer overflow in st_serial_stack growth check in Expat/Expat.xs startElement; also backport upstream follow-up 2abd177 to initialize st_serial_stacksize=1024 after allocation...

9.8 CVSS | 6 AI score | 0.00029 EPSS
Exploits 0 | References 1
RedHat Linux
added 2026/04/28 7:40 a.m. | 2 views

webkitgtk: Processing maliciously crafted web content may disclose internal states of the app

A flaw was found in WebKitGTK. Processing malicious web content can cause a memory initialization issue due to improper memory handling and result in the disclosure of the internal states of the application...

4.3 CVSS | 5.2 AI score | 0.00027 EPSS
Exploits 0 | References 5
Tenable Nessus
added 2026/04/28 12:00 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2026-31689

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - EDAC/mc: Fix error path ordering in edac_mc_alloc() When the mci->pvt_info allocation in edac_mc_alloc() fails, the error path will call put_device() which will end up calli...

5.5 CVSS | 5.8 AI score | 0.00015 EPSS
Exploits 0 | References 3
Nvidia
added 2026/04/28 12:00 a.m. | 4 views

Security Bulletin: NVIDIA NemoClaw - April 2026

NVIDIA has released a software update for NVIDIA® NemoClaw. To protect your system, clone or update this software to v0.0.18 or later from NVIDIA/NemoClaw on GitHub. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilities that this security update...

8.6 CVSS | 5.5 AI score | 0.00059 EPSS
Exploits 0 | Affected Software 1
Positive Technologies
added 2026/04/28 12:00 a.m. | 1 view

PT-2026-35756

NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that causes the agent to read and exfiltrate host environment variables not properly restricted during sandb...

8.6 CVSS | 5.4 AI score | 0.00059 EPSS
Exploits 0 | References 3
Positive Technologies
added 2026/04/28 12:00 a.m. | 4 views

PT-2026-35776

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.31 Description An exec allowlist bypass allows attackers to inherit allowlist trust through shell init-file wrapper invocations. By utilizing shell options such as --rcfile, --init-file, and --startup-file,...

7.3 CVSS | 5.8 AI score | 0.00024 EPSS
Exploits 0 | References 6
RedhatCVE
added 2026/04/27 10:22 p.m. | 2 views

CVE-2026-31689

A flaw was found in the EDAC/mc module of the Linux kernel. An error in the ordering of operations within the edac_mc_alloc() function can lead to a situation where a device's release function is called before the device is fully initialized. This improper initialization can result in a kernel warnin...

5.5 CVSS | 5.7 AI score | 0.00015 EPSS
Exploits 0 | References 4
NVD
added 2026/04/27 6:16 p.m. | 1 view

CVE-2026-31689

In the Linux kernel, the following vulnerability has been resolved: EDAC/mc: Fix error path ordering in edac_mc_alloc() When the mci->pvt_info allocation in edac_mc_alloc() fails, the error path will call put_device() which will end up calling the device's release function. However, the init ordering is wrong...

5.5 CVSS | 0.00015 EPSS
Exploits 0 | References 6
EUVD
added 2026/04/27 5:34 p.m. | 2 views

EUVD-2026-25886

In the Linux kernel, the following vulnerability has been resolved: EDAC/mc: Fix error path ordering in edac_mc_alloc() When the mci->pvt_info allocation in edac_mc_alloc() fails, the error path will call put_device() which will end up calling the device's release function. However, the init ordering is wrong...

5.3 AI score | 0.00015 EPSS
Exploits 0 | References 6
ATTACKERKB
added 2026/04/27 5:34 p.m. | 3 views

CVE-2026-31689

In the Linux kernel, the following vulnerability has been resolved: EDAC/mc: Fix error path ordering in edac_mc_alloc() When the mci->pvt_info allocation in edac_mc_alloc() fails, the error path will call put_device() which will end up calling the device's release function. However, the init ordering is wrong...

5.2 AI score | 0.00015 EPSS
Exploits 0 | References 7 | Affected Software 1
Cvelist
added 2026/04/27 5:34 p.m. | 20 views

CVE-2026-31689 EDAC/mc: Fix error path ordering in edac_mc_alloc()

In the Linux kernel, the following vulnerability has been resolved: EDAC/mc: Fix error path ordering in edac_mc_alloc() When the mci->pvt_info allocation in edac_mc_alloc() fails, the error path will call put_device() which will end up calling the device's release function. However, the init ordering is wrong...

0.00015 EPSS
Exploits 0 | References 6
CVE
added 2026/04/27 5:34 p.m. | 7 views

CVE-2026-31689

The CVE-2026-31689 issue affects the Linux kernel EDAC/mc path: edac_mc_alloc() may call put_device() during an error path before device_init completes, causing a kobject initialization/cleanup hazard and in-kernel MCE decoding symptoms. The fix reorders the initialization so the device (and its ...

5.5 CVSS | 5.3 AI score | 0.00015 EPSS
Exploits 0 | References 6 | Affected Software 1
Cvelist
added 2026/04/27 5:32 p.m. | 24 views

CVE-2026-31687 gpio: omap: do not register driver in probe()

In the Linux kernel, the following vulnerability has been resolved: gpio: omap: do not register driver in probe() Commit 11a78b794496 "ARM: OMAP: MPUIO wake updates" registers the omap_mpuio_driver from omap_mpuio_init(), which is called from omap_gpio_probe(). However, it neither makes sense to register...

0.00013 EPSS
Exploits 0 | References 11
RedhatCVE
added 2026/04/27 1:21 a.m. | 2 views

CVE-2026-41665

Integer overflow in scratch buffer initialization size calculation in Samsung Open Source ONE causes incorrect memory initialization for large intermediate tensors. Affected version is prior to commit 1.30.0...

6.1 CVSS | 5.5 AI score | 0.00006 EPSS
Exploits 0 | References 1
Positive Technologies
added 2026/04/27 12:00 a.m. | 1 view

PT-2026-35495

In the Linux kernel, the following vulnerability has been resolved: EDAC/mc: Fix error path ordering in edac_mc_alloc() When the mci->pvt_info allocation in edac_mc_alloc() fails, the error path will call put_device() which will end up calling the device's release function. However, the init ordering is...

5.3 AI score | 0.00015 EPSS
Exploits 0 | References 9