Lucene search
+L

1409 matches found

Information Security Automation
Information Security Automation
added 2026/05/08 11:0 a.m.10 views

About Elevation of Privilege vulnerability - Linux Kernel "Dirty Frag" (CVE-2026-43284, CVE-2026-43500) vulnerability

About Elevation of Privilege vulnerability - Linux Kernel "Dirty Frag" CVE-2026-43284, CVE-2026-43500 vulnerability. According to information from researcher Hyunwoo Kim @v4bel, Dirty Frag is a vulnerability a class of vulnerabilities that allows a local unprivileged attacker to obtain root...

8.8CVSS6.3AI score0.93235EPSS
Exploits33
Arista
Arista
added 2026/05/08 12:0 a.m.41 views

Security Advisory 0138

Security Advisory 0138 PDF Date: May 8, 2026 Revision | Date | Changes ---|---|--- 1.0 | May 8, 2026 | Initial release 1.1 | May 18, 2026 | Updated affected products and added Mitigation section 1.2 | July 15, 2026 | Updated CVE-ID's tracking this issue Updated Affected Software Added Resolution...

8.8CVSS6.8AI score0.93235EPSS
Exploits40
GithubExploit
GithubExploit
added 2026/05/07 10:14 p.m.129 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CopyFail2 CVE-2026-31431 - Python Implementation Python por...

7.8CVSS6.1AI score0.96267EPSS
Exploits230
Arista
Arista
added 2026/05/01 12:0 a.m.37 views

Security Advisory 0136

Security Advisory 0136 PDF Date: May 1, 2026 Revision | Date | Changes ---|---|--- 1.0 | May 1, 2026 | Initial release 1.1 | May 7, 2026 | Additional required configuration for exploitation information added 1.2 | May 11, 2026 | Advisory updated with additional mitigations. The CVE-ID tracking th...

7.8CVSS6.5AI score0.96267EPSS
Exploits230
GithubExploit
GithubExploit
added 2026/04/30 8:38 p.m.107 views

Exploit for CVE-2026-31431

Copy Fail PoC English Python PoC for CVE-2026-31431,...

7.8CVSS5.7AI score0.96267EPSS
Exploits230
GithubExploit
GithubExploit
added 2026/04/30 2:55 a.m.98 views

Exploit for CVE-2026-31431

CVE-2026-31431 — Copy Vulnerability Linux Kernel Page Cache...

7.8CVSS7.5AI score0.96267EPSS
Exploits230
Github Security Blog
Github Security Blog
added 2026/04/29 9:34 p.m.10 views

OpenClaw: Webchat audio embedding could read local files without local-root containment

Impact OpenClaw deployments before 2026.4.15 could embed host-local audio files into webchat responses without applying the local media root containment check used by other media-serving paths. If an attacker could influence an agent or tool-produced ReplyPayload.mediaUrl, the webchat audio...

5.4AI score
Exploits0References3Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/04/29 8:6 a.m.15 views

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output.

...

6.4CVSS5.8AI score0.00144EPSS
Exploits0
NVD
NVD
added 2026/04/28 12:16 a.m.9 views

CVE-2026-41366

OpenClaw before 2026.3.31 contains a local roots self-whitelisting vulnerability in appendLocalMediaParentRoots that allows model-initiated arbitrary host file read. Attackers can exploit improper media parent directory validation to exfiltrate credentials and access sensitive files...

6CVSS0.00181EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/27 11:24 p.m.12 views

EUVD-2026-25946

OpenClaw before 2026.3.31 contains a local roots self-whitelisting vulnerability in appendLocalMediaParentRoots that allows model-initiated arbitrary host file read. Attackers can exploit improper media parent directory validation to exfiltrate credentials and access sensitive files...

6CVSS5.4AI score0.00181EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/27 11:24 p.m.16 views

CVE-2026-41366

OpenClaw before 2026.3.31 contains a local roots self-whitelisting vulnerability in appendLocalMediaParentRoots that allows model-initiated arbitrary host file read. Attackers can exploit improper media parent directory validation to exfiltrate credentials and access sensitive files...

6CVSS5.5AI score0.00181EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.17 views

PT-2026-35554

OpenClaw before 2026.3.31 contains a local roots self-whitelisting vulnerability in appendLocalMediaParentRoots that allows model-initiated arbitrary host file read. Attackers can exploit improper media parent directory validation to exfiltrate credentials and access sensitive files...

6CVSS5.4AI score0.00181EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.8 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : PackageKit vulnerability (USN-8195-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8195-1 advisory. It was discovered that PackageKit incorrectly handled certain transactions. A local attacker could use this issue to install arbitrary package...

5.9AI score
Exploits0References1
Debian
Debian
added 2026/04/21 3:31 p.m.6 views

[SECURITY] [DLA 4544-1] ntfs-3g security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4544-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz April 21, 2026 https://wiki.debian.org/LTS -...

8.4CVSS6AI score0.00165EPSS
Exploits0
Debian
Debian
added 2026/04/21 2:41 p.m.15 views

[SECURITY] [DSA 6221-1] ntfs-3g security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6221-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 21, 2026 https://www.debian.org/security/faq -...

8.4CVSS6AI score0.00165EPSS
Exploits0
EUVD
EUVD
added 2026/04/20 6:31 p.m.8 views

EUVD-2026-23931

OpenClaw versions 2026.4.7 before 2026.4.15 fail to enforce local-root containment on tool-result media paths, allowing arbitrary local and UNC file access. Attackers can craft malicious tool-result media references to trigger host-side file reads or Windows network path access, potentially...

6.3CVSS5.9AI score0.00264EPSS
Exploits0References6
OSV
OSV
added 2026/04/20 6:31 p.m.7 views

GHSA-QC5J-2MQX-X83Q Duplicate Advisory: OpenClaw: Webchat media embedding enforces local-root containment for tool-result files

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-mr34-9552-qr95. This link is maintained to preserve external references. Original Description OpenClaw versions 2026.4.7 before 2026.4.15 fail to enforce local-root containment on tool-result media paths, allowi...

6.3CVSS5.9AI score0.00264EPSS
Exploits0References6
NVD
NVD
added 2026/04/20 6:16 p.m.12 views

CVE-2026-41389

OpenClaw versions 2026.4.7 before 2026.4.15 fail to enforce local-root containment on tool-result media paths, allowing arbitrary local and UNC file access. Attackers can craft malicious tool-result media references to trigger host-side file reads or Windows network path access, potentially...

6.3CVSS0.00264EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/20 5:48 p.m.31 views

CVE-2026-41389 OpenClaw 2026.4.7 < 2026.4.15 - Arbitrary File Read via Unvalidated Tool-Result Media Paths

OpenClaw versions 2026.4.7 before 2026.4.15 fail to enforce local-root containment on tool-result media paths, allowing arbitrary local and UNC file access. Attackers can craft malicious tool-result media references to trigger host-side file reads or Windows network path access, potentially...

6.3CVSS0.00264EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/20 5:48 p.m.4 views

CVE-2026-41389

OpenClaw versions 2026.4.7 before 2026.4.15 fail to enforce local-root containment on tool-result media paths, allowing arbitrary local and UNC file access. Attackers can craft malicious tool-result media references to trigger host-side file reads or Windows network path access, potentially...

6.3CVSS5.9AI score0.00264EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder