OpenClaw 2026.2.6 < 2026.2.14 Deep Link Message Truncation (macOS) (GHSA-7q2j-c4q5-rm27)

The version of the OpenClaw AI assistant installed on the remote macOS host is 2026.2.6 or later but prior to 2026.2.14. It is, therefore, affected by a remote code execution vulnerability: - The OpenClaw macOS desktop client registers the openclaw:// URL scheme. For openclaw://agent deep links...

CVE-2025-8041

In the address bar, Firefox for Android truncated the display of URLs from the end instead of prioritizing the origin. This vulnerability was fixed in Firefox 141...

firefox: thunderbird: Origin of permission prompt could be spoofed by long URL

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: Truncation of a long URL could have allowed origin spoofing in a permission prompt...

UBUNTU-CVE-2024-10462

Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox 132, Firefox ESR 128.4, Thunderbird 128.4, and Thunderbird 132...

X (Formerly Twitter): Viral Direct Message Clickjacking via link truncation leading to capture of both Google credentials & installation of malicious 3rd party Twitter App

Summary: Viral Direct Message Clickjacking via link truncation leading to capture of both Google credentials & installation of malicious 3rd party Twitter App Description: Because very long links in direct messages are truncated after 38 characters the malicious actors were able to provide a...