
33 matches found

AstraLinux
added 2026/06/19 11:10 a.m., 4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: idpf: converting workqueues to unbound mode. When a workqueue is created with WQ_UNBOUND, its work items are served by special worker-pools, whose host workers are not bound to any specific CPU. In the default configuration i.e.,...

5.5 CVSS, 6.3 AI score, 0.00165 EPSS
Exploits: 0, References: 2
NVD
added 2026/06/11 9:16 p.m., 15 views

CVE-2026-53817

OpenClaw before 2026.5.22 contains a locality validation vulnerability in Control UI pairing that allows attackers with network access to spoof locality information and obtain durable admin-capable device tokens. Attackers can exploit insufficient locality-derived trust validation to convert...

8.8 CVSS, 0.00309 EPSS
Exploits: 0, References: 2
Snyk
added 2026/06/11 9:11 p.m., 5 views

User Impersonation

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to User Impersonation via insufficient validation in the Control UI pairing process. An attacker can obtain persistent administrative device tokens by spoofing locality information over the...

8.8 CVSS, 5.9 AI score, 0.00309 EPSS
Exploits: 0, References: 2
Cvelist
added 2026/06/11 8:9 p.m., 33 views

CVE-2026-53817 OpenClaw < 2026.5.22 - Control UI Locality Spoofing in Device Pairing

OpenClaw before 2026.5.22 contains a locality validation vulnerability in Control UI pairing that allows attackers with network access to spoof locality information and obtain durable admin-capable device tokens. Attackers can exploit insufficient locality-derived trust validation to convert...

8.8 CVSS, 0.00309 EPSS
Exploits: 0, References: 2
EUVD
added 2026/06/11 8:9 p.m., 10 views

EUVD-2026-36323

OpenClaw before 2026.5.22 contains a locality validation vulnerability in Control UI pairing that allows attackers with network access to spoof locality information and obtain durable admin-capable device tokens. Attackers can exploit insufficient locality-derived trust validation to convert...

8.8 CVSS, 5.5 AI score, 0.00309 EPSS
Exploits: 0, References: 2
CVE
added 2026/06/11 8:9 p.m., 34 views

CVE-2026-53817

OpenClaw CVE-2026-53817 affects the Control UI pairing in OpenClaw, where locality validation is insufficient. This allows attackers with network access to spoof locality information and obtain durable admin-capable device tokens, converting temporary shared access into persistent administrative ...

8.8 CVSS, 5.5 AI score, 0.00309 EPSS
Exploits: 0, References: 2, Affected Software: 1
Vulnrichment
added 2026/06/11 8:9 p.m., 9 views

CVE-2026-53817 OpenClaw < 2026.5.22 - Control UI Locality Spoofing in Device Pairing

OpenClaw before 2026.5.22 contains a locality validation vulnerability in Control UI pairing that allows attackers with network access to spoof locality information and obtain durable admin-capable device tokens. Attackers can exploit insufficient locality-derived trust validation to convert...

8.8 CVSS, 5.2 AI score, 0.00309 EPSS
Exploits: 0, References: 2
Positive Technologies
added 2026/06/11 12:0 a.m., 13 views

PT-2026-48747

Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.5.22. Description: An issue in the Control UI pairing process involves insufficient locality-derived trust validation. This allows attackers with network access to spoof locality information to convert temporary...

8.8 CVSS, 5.2 AI score, 0.00309 EPSS
Exploits: 0, References: 5
ATTACKERKB
added 2026/06/04 5:55 p.m., 5 views

CVE-2026-41237

Froxlor is open source server administration software. In version 2.3.6 and earlier, the LOC record regex uses \s+ which matches newlines allowing embedded newlines to pass, TLSA matchingType=0 has no upper bound on hex data length, and all validators return raw input without zone-file escaping...

8.6 CVSS, 5.8 AI score, 0.00269 EPSS
Exploits: 0, References: 4, Affected Software: 1
SUSE CVE
added 2026/05/28 3:55 a.m., 10 views

SUSE CVE-2026-45941

In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_i2c_infineon: Fix locality leak on get_burstcount() failure. get_burstcount() can return -EBUSY on timeout. When this happens, the function returns directly without releasing the locality that was acquired at the beginning of...

5.5 CVSS, 5.8 AI score, 0.00123 EPSS
Exploits: 0, References: 3
RedhatCVE
added 2026/05/28 12:24 a.m., 11 views

CVE-2026-45941

A flaw was found in the Linux kernel's tpm_i2c_infineon module. This vulnerability occurs when the get_burstcount() function fails due to a timeout, causing the system to not release an acquired locality. An attacker could potentially exploit this to cause a resource exhaustion, leading to a Denial of...

5.5 CVSS, 5.8 AI score, 0.00123 EPSS
Exploits: 0, References: 4
EUVD
added 2026/05/27 3:33 p.m., 11 views

EUVD-2026-32225

In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_i2c_infineon: Fix locality leak on get_burstcount() failure. get_burstcount() can return -EBUSY on timeout. When this happens, the function returns directly without releasing the locality that was acquired at the beginning of...

5.8 AI score, 0.00123 EPSS
Exploits: 0, References: 9
EUVD
added 2026/05/27 3:33 p.m., 9 views

EUVD-2026-32337

In the Linux kernel, the following vulnerability has been resolved: tpm: st33zp24: Fix missing cleanup on get_burstcount() error. get_burstcount() can return -EBUSY on timeout. When this happens, st33zp24_send() returns directly without releasing the locality acquired earlier. Use goto outerr to ensure...

5.8 AI score, 0.00163 EPSS
Exploits: 0, References: 9
OSV
added 2026/05/27 2:17 p.m., 4 views

UBUNTU-CVE-2026-45871

In the Linux kernel, the following vulnerability has been resolved: tpm: st33zp24: Fix missing cleanup on get_burstcount() error. get_burstcount() can return -EBUSY on timeout. When this happens, st33zp24_send() returns directly without releasing the locality acquired earlier. Use goto outerr to ensure...

5.5 CVSS, 5.7 AI score, 0.00163 EPSS
Exploits: 0, References: 3
OSV
added 2026/05/27 2:17 p.m., 4 views

UBUNTU-CVE-2026-45941

In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_i2c_infineon: Fix locality leak on get_burstcount() failure. get_burstcount() can return -EBUSY on timeout. When this happens, the function returns directly without releasing the locality that was acquired at the beginning of...

5.5 CVSS, 5.7 AI score, 0.00123 EPSS
Exploits: 0, References: 3
Cvelist
added 2026/05/27 12:17 p.m., 35 views

CVE-2026-45941 tpm: tpm_i2c_infineon: Fix locality leak on get_burstcount() failure

In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_i2c_infineon: Fix locality leak on get_burstcount() failure. get_burstcount() can return -EBUSY on timeout. When this happens, the function returns directly without releasing the locality that was acquired at the beginning of...

0.00123 EPSS
Exploits: 0, References: 8
Debian CVE
added 2026/05/27 12:17 p.m., 8 views

CVE-2026-45941

In the Linux kernel, the following vulnerability has been resolved: tpm: tpm_i2c_infineon: Fix locality leak on get_burstcount() failure. get_burstcount() can return -EBUSY on timeout. When this happens, the function returns directly without releasing the locality that was acquired at the beginning of...

5.5 CVSS, 5.7 AI score, 0.00123 EPSS
Exploits: 0
CVE
added 2026/05/27 12:15 p.m., 21 views

CVE-2026-45871

CVE-2026-45871 affects the Linux kernel TPM subsystem (st33zp24 driver). A failure in get_burstcount() can return -EBUSY on timeout, causing st33zp24_send() to exit without releasing the previously acquired locality, risking resource exhaustion and local DoS by making the TPM device unavailable. ...

5.5 CVSS, 5.8 AI score, 0.00163 EPSS
Exploits: 0, References: 8, Affected Software: 1
UbuntuCve
added 2026/05/27 12:0 a.m., 7 views

CVE-2026-45941

tpm: tpm_i2c_infineon: Fix locality leak on get_burstcount() failure...

5.8 AI score, 0.00123 EPSS
Exploits: 0, References: 2
CNNVD
added 2026/05/27 12:0 a.m., 12 views

Linux kernel security vulnerability

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the get_burstcount() function in tpm/tpm_i2c_infineon. When this function returns -EBUSY due to timeout, the...

5.8 AI score, 0.00123 EPSS
Exploits: 0, References: 8