OpenClaw ACP client has permission auto-approval bypass via untrusted tool metadata

Vulnerability Summary The OpenClaw ACP client could auto-approve tool calls based on untrusted metadata and permissive name heuristics. A malicious or compromised ACP tool invocation could bypass expected interactive approval prompts for read-class operations. Affected Packages / Versions -...

CVE-2026-27966

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.8.0, the CSV Agent node in Langflow hardcodes allowdangerouscode=True, which automatically exposes LangChain’s Python REPL tool pythonreplast. As a result, an attacker can execute arbitrary Python an...

Wireshark Analyzer 4.6.4

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. Thi...

Eve'S Forgery Probability from Her False Acceptance Probability: Interactive Authentication, Holevo Information and the Min-Entropy

We obtain estimates for Eve's forgery probability, namely the probability that she is able to forge a message which Alice or Bob mistakenly accept over a noisy Quantum channel for generating a shared Quantum secret key. This probability is related to Eve's success probability obtained in a previo...

Top 5 Ways Broken Triage Increases Business Risk Instead of Reducing It

Triage is supposed to make things simpler. In a lot of teams, it does the opposite. When you can’t reach a confident verdict early, alerts turn into repeat checks, back-and-forth, and “just escalate it” calls. That cost doesn’t stay inside the SOC; it shows up as missed SLAs, higher cost per case...

PT-2026-20744

Missing Authorization vulnerability in creativeinteractivemedia Real 3D FlipBook real3d-flipbook-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Real 3D FlipBook: from n/a through = 4.16.4...

CVE-2009-0242

gmetad in Ganglia 3.1.1, when supporting multiple requests per connection on an interactive port, allows remote attackers to cause a denial of service via a request to the gmetad service with a path that does not exist, which causes Ganglia to 1 perform excessive CPU computation and 2 send the...

ARGUS

ARGUS - All-seeing Recon & General Unified Security...

CVE-2026-25996

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences...

CVE-2026-25996 Inspektor Gadget uses unsanitized ANSI Escape Sequences In `columns` Output Mode

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences...

CVE-2026-25996 Inspektor Gadget uses unsanitized ANSI Escape Sequences In `columns` Output Mode

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences...

PT-2026-7900

Name of the Vulnerable Software and Affected Versions Inspektor Gadget affected versions not specified Description Inspektor Gadget has an issue where string fields from eBPF events in columns output mode are not sanitized, potentially allowing maliciously crafted event payloads from observed...

CVE-2026-25994 PJSIP has a heap buffer overflow in ICE with long username

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, a buffer overflow vulnerability exists in PJNATH ICE Session when processing credentials with excessively long usernames...

[SECURITY] Fedora 42 Update: rust-git-interactive-rebase-tool-2.4.1-15.fc42

Full-featured terminal-based sequence editor for Git interactive rebase...

[SECURITY] Fedora 42 Update: rust-below-0.9.0-6.fc42

below is an interactive tool to view and record historical system data. It has support for: - information regarding hardware resource utilization - viewing the cgroup hierarchy - cgroup and process information - pressure stall information PSI - record mode to record system data - replay mode to...

[SECURITY] Fedora 43 Update: rust-git-interactive-rebase-tool-2.4.1-15.fc43

Full-featured terminal-based sequence editor for Git interactive rebase...

[SECURITY] Fedora 43 Update: rust-below-0.9.0-6.fc43

below is an interactive tool to view and record historical system data. It has support for: - information regarding hardware resource utilization - viewing the cgroup hierarchy - cgroup and process information - pressure stall information PSI - record mode to record system data - replay mode to...

How Top CISOs Solve Burnout and Speed up MTTR without Extra Hiring

Why do SOC teams keep burning out and missing SLAs even after spending big on security tools? Routine triage piles up, senior specialists get dragged into basic validation, and MTTR climbs, while stealthy threats still find room to slip through. Top CISOs have realized the solution isn’t hiring...

CVE-2026-1757

A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input is not properly released under certain conditions. When a user submits input consisting only of whitespace, the program skips command execution but fails to fr...

CVE-2026-1757 Libxml2: memory leak leading to local denial of service in xmllint interactive shell

A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input is not properly released under certain conditions. When a user submits input consisting only of whitespace, the program skips command execution but fails to fr...