CVE-2026-46673 Russh: Unchecked CryptoVec allocation and growth handling is reachable from local agent inputs in current russh releases and from remote SSH traffic in historical pre-0.58.0 releases

Russh is a Rust SSH client & server library. Prior to version 0.60.3, CryptoVec used unchecked capacity growth, unchecked length arithmetic, and unsafe allocation/locking paths. In current russh releases, local SSH agent peers could still feed attacker-controlled frame lengths into buffer growth...

CVE-2026-46673 Russh: Unchecked CryptoVec allocation and growth handling is reachable from local agent inputs in current russh releases and from remote SSH traffic in historical pre-0.58.0 releases

Russh is a Rust SSH client & server library. Prior to version 0.60.3, CryptoVec used unchecked capacity growth, unchecked length arithmetic, and unsafe allocation/locking paths. In current russh releases, local SSH agent peers could still feed attacker-controlled frame lengths into buffer growth...

CVE-2026-46673

Summary of the vulnerability (CVE-2026-46673) : In Russh (Rust SSH client/server), CryptoVec allocations and growth were unchecked in vulnerable releases. Prior to 0.60.3, local agent inputs could feed attacker-controlled frame lengths into buffer growth before validation; in historical releases ...

GHSA-G9F8-WQJ9-FJW5 Russh: Unchecked CryptoVec allocation and growth handling is reachable

Title Unchecked CryptoVec allocation and growth handling was reachable from local agent inputs in current russh releases and from remote SSH traffic in historical pre-0.58.0 releases Summary CryptoVec used unchecked capacity growth, unchecked length arithmetic, and unsafe allocation/locking paths...

Russh: Unchecked CryptoVec allocation and growth handling is reachable

Title Unchecked CryptoVec allocation and growth handling was reachable from local agent inputs in current russh releases and from remote SSH traffic in historical pre-0.58.0 releases Summary CryptoVec used unchecked capacity growth, unchecked length arithmetic, and unsafe allocation/locking paths...

CVE-2026-44998

OpenClaw before 2026.4.20 contains a tool policy bypass vulnerability allowing bundled MCP and LSP tools to circumvent configured tool restrictions. Attackers with local agent access can append restricted tools to the effective tool set after policy filtering, bypassing profile policies, allow/de...

CVE-2026-44998

OpenClaw prior to version 2026.4.20 contains a tool policy bypass vulnerability in which bundled MCP and LSP tools can be appended to the effective tool set after policy filtering. This allows attackers with local agent access to bypass profile policies, allow/deny lists, owner-only restrictions,...

PT-2026-39687

OpenClaw before 2026.4.20 contains a tool policy bypass vulnerability allowing bundled MCP and LSP tools to circumvent configured tool restrictions. Attackers with local agent access can append restricted tools to the effective tool set after policy filtering, bypassing profile policies, allow/de...

JLSEC-2026-431 When doing SSH-based transfers using either SCP or SFTP, and asked to do public key...

When doing SSH-based transfers using either SCP or SFTP, and asked to do public key authentication, curl would wrongly still ask and authenticate using a locally running SSH agent...

CVE-2025-15224

When doing SSH-based transfers using either SCP or SFTP, and asked to do public key authentication, curl would wrongly still ask and authenticate using a locally running SSH agent...

libssh key passphrase bypass without agent set

When doing SSH-based transfers using either SCP or SFTP, and asked to do public key authentication, curl would wrongly still ask and authenticate using a locally running SSH agent...

CURL-CVE-2025-15224 libssh key passphrase bypass without agent set

When doing SSH-based transfers using either SCP or SFTP, and asked to do public key authentication, curl would wrongly still ask and authenticate using a locally running SSH agent...

Linux Distros Unpatched Vulnerability : CVE-2025-15224

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When doing SSH-based transfers using either SCP or SFTP, and asked to do public key authentication, curl would wrongly still ask and authenticate using a locall...

CVE-2025-63408

CVE-2025-63408 affects Local Agent DVR up to version 6.6.1.0. The vulnerability is a directory traversal that enables an unauthenticated local attacker to: (1) access sensitive information, (2) trigger a server-side forgery request (SSRF), and (3) execute operating system commands. The available ...

CVE-2025-63408

Local Agent DVR versions thru 6.6.1.0 are vulnerable to directory traversal that allows an unauthenticated local attacker to gain access to sensitive information, cause a server-side forgery request SSRF, or execute OS commands...

CVE-2025-63408

Local Agent DVR versions thru 6.6.1.0 are vulnerable to directory traversal that allows an unauthenticated local attacker to gain access to sensitive information, cause a server-side forgery request SSRF, or execute OS commands...

PT-2025-47326

Name of the Vulnerable Software and Affected Versions Local Agent DVR versions through 6.6.1.0 Description Local Agent DVR is affected by a directory traversal issue. An unauthenticated local attacker can exploit this to access sensitive information, conduct a server-side forgery request SSRF, or...

Linux Distros Unpatched Vulnerability : CVE-2018-14470

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babelprintv2. CVE-2018-14470 Note that Nessus relies on the presence of the...

CVE-2024-36037 Insufficient Access Control Vulnerability

Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to view the session recordings...

Checkmk Security Vulnerabilities

tribe29 Checkmk is an application from the German company tribe29. It provides a comprehensive solution for monitoring applications, servers and networks. A security vulnerability exists in Checkmk. The vulnerability originates from a Trojan Horse program script in the...