11 matches found
robot
Good all day, my friends, I finally finished the first versio...
exploit-validator
$repo Production-grade offensive security tool for Purpose...
CVE-2026-28486 OpenClaw 2026.1.16-2 < 2026.2.14 - Path Traversal (Zip Slip) in Archive Extraction via Installation Commands
OpenClaw versions 2026.1.16-2 prior to 2026.2.14 contain a path traversal vulnerability in archive extraction during installation commands that allows arbitrary file writes outside the intended directory. Attackers can craft malicious archives that, when extracted via skills install, hooks instal...
CVE-2026-28486
OpenClaw
CVE-2026-28486
OpenClaw versions 2026.1.16-2 prior to 2026.2.14 contain a path traversal vulnerability in archive extraction during installation commands that allows arbitrary file writes outside the intended directory. Attackers can craft malicious archives that, when extracted via skills install, hooks instal...
CVE-2026-28486 OpenClaw 2026.1.16-2 < 2026.2.14 - Path Traversal (Zip Slip) in Archive Extraction via Installation Commands
OpenClaw versions 2026.1.16-2 prior to 2026.2.14 contain a path traversal vulnerability in archive extraction during installation commands that allows arbitrary file writes outside the intended directory. Attackers can craft malicious archives that, when extracted via skills install, hooks instal...
OpenClaw vulnerable to path traversal (Zip Slip) in archive extraction during explicit installation commands
Summary: A path traversal (Zip Slip) issue in archive extraction during explicit installation commands could allow a crafted archive to write files outside the intended extraction directory. Affected Packages / Versions: - Package: openclaw (npm) - Affected versions: >=2026.1.16-2 <2026.2.14 - Fixed...
PT-2026-23560
Name of the Vulnerable Software and Affected Versions: OpenClaw versions 2026.1.16-2 through 2026.2.13. Description: A path traversal issue exists in archive extraction during installation commands. This allows a crafted archive to write files outside the intended extraction directory. The issue...
ROS-2-1859
2.1859 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373. 1. Vulnerability Description: CVE-2021-36374: A vulnerability in the Apache Ant utility is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...
Design/Logic Flaw
An issue was discovered in Microvirt MEmu all versions prior to 7.0.2. A guest Android operating system inside the MEmu emulator contains a /system/bin/systemd binary that is run with root privileges on startup (this is unrelated to Red Hat's systemd init program, and is a closed-source proprietar...
IBM InfoSphere Information Server Information Disclosure Vulnerability (CNVD-2016-03220)
IBM InfoSphere Information Server is a set of data integration platforms from IBM in the United States. An information disclosure vulnerability exists in IBM InfoSphere Information Server, which can be exploited by a local attacker to execute arbitrary commands during installation, exposing...