Lucene search

56 matches found

OSV
added 2026/03/03 9:39 p.m., 1 view

GHSA-5H2C-8V84-QPVR OpenClaw shell-env fallback trusted startup env and could execute attacker-influenced login-shell paths

Summary: OpenClaw shell-env fallback trusted startup environment values and could execute attacker-influenced login-shell startup paths before loading env keys. Affected Packages / Versions: Package: openclaw (npm); Affected versions: = 2026.1.5 and = 2026.2.21-2; Fixed on main:...

CVSS 5.3, AI score 6.2
Exploits: 0, References: 3
OSV
added 2026/03/03 9:36 p.m., 1 view

GHSA-P4WH-CR8M-GM6C OpenClaw: shell-env trusted-prefix fallback allowed attacker-controlled binary execution via $SHELL

Summary: shell-env fallback trusted prefix-based executable paths for $SHELL, allowing execution of attacker-controlled binaries in local/runtime-env influence scenarios. Details: In affected versions, shell selection accepted either: (1) a shell listed in /etc/shells, or (2) any executable under...

CVSS 8.5, AI score 6.1, EPSS 0.00018
Exploits: 0, References: 5
Positive Technologies
added 2026/03/03 12:00 a.m., 4 views

PT-2026-26013

Summary: shell-env fallback trusted prefix-based executable paths for $SHELL, allowing execution of attacker-controlled binaries in local/runtime-env influence scenarios. Details: In affected versions, shell selection accepted either: (1) a shell listed in /etc/shells, or (2) any executable under...

CVSS 8.5, AI score 6, EPSS 0.00018
Exploits: 0, References: 10
Tenable Nessus
added 2026/01/16 12:00 a.m., 3 views

MiracleLinux 7 : setup-2.8.71-10.el7 (AXSA:2019-3677:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2019-3677:01 advisory. setup: nologin listed in /etc/shells violates security expectations (CVE-2018-1113). Tenable has extracted the preceding description block directly from the...

CVSS 5.3, AI score 6.2, EPSS 0.00044
Exploits: 0, References: 2
EUVD
added 2025/10/14 6:30 p.m., 1 view

EUVD-2024-55035

An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability (CWE-78) in FortiSOAR 7.6.0 through 7.6.1, 7.5.0 through 7.5.1, 7.4 all versions, 7.3 all versions may allow an attacker who has already obtained a non-login low privileged shell access via...

CVSS 7, AI score 6.5, EPSS 0.00023
Exploits: 0, References: 2
NVD
added 2025/10/14 4:15 p.m., 3 views

CVE-2024-48891

An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability (CWE-78) in FortiSOAR 7.6.0 through 7.6.1, 7.5.0 through 7.5.1, 7.4 all versions, 7.3 all versions may allow an attacker who has already obtained a non-login low privileged shell access via...

CVSS 7, EPSS 0.00023
Exploits: 0, References: 1
OSV
added 2025/10/14 4:15 p.m., 0 views

CVE-2024-48891

An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability (CWE-78) in FortiSOAR 7.6.0 through 7.6.1, 7.5.0 through 7.5.1, 7.4 all versions, 7.3 all versions may allow an attacker who has already obtained a non-login low privileged shell access via...

CVSS 7, AI score 5.8
Exploits: 0, References: 1
Vulnrichment
added 2025/10/14 3:22 p.m., 1 view

CVE-2024-48891

An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability (CWE-78) in FortiSOAR 7.6.0 through 7.6.1, 7.5.0 through 7.5.1, 7.4 all versions, 7.3 all versions may allow an attacker who has already obtained a non-login low privileged shell access via...

CVSS 7, AI score 6.6, EPSS 0.00023
Exploits: 0, References: 1
Cvelist
added 2025/10/14 3:22 p.m., 3 views

CVE-2024-48891

An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability (CWE-78) in FortiSOAR 7.6.0 through 7.6.1, 7.5.0 through 7.5.1, 7.4 all versions, 7.3 all versions may allow an attacker who has already obtained a non-login low privileged shell access via...

CVSS 7, EPSS 0.00023
Exploits: 0, References: 1
CVE
added 2025/10/14 3:22 p.m., 5 views

CVE-2024-48891

FortiSOAR is affected by an OS Command Injection (CWE-78) due to improper neutralization of special elements. Validated affected versions include 7.6.0–7.6.1, 7.5.0–7.5.1, all 7.4, and all 7.3. The vulnerability could allow an attacker who already has non-login, low-privileged shell access to esc...

CVSS 7, AI score 6.6, EPSS 0.00023
Exploits: 0, References: 1, Affected Software: 1
Positive Technologies
added 2025/10/14 12:00 a.m., 1 view

PT-2025-41944

Name of the Vulnerable Software and Affected Versions: FortiSOAR versions 7.3.x; FortiSOAR versions 7.4.x; FortiSOAR versions 7.5.0 through 7.5.1; FortiSOAR versions 7.6.0 through 7.6.1. Description: An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') issue CWE-7...

CVSS 7, AI score 6.6, EPSS 0.00023
Exploits: 0, References: 7
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-1999-0882

Malware in sbrugna...

CVSS 7.2, AI score 6.4, EPSS 0.00181
Exploits: 0, References: 3
EUVD
added 2025/10/03 8:07 p.m., 1 view

EUVD-2025-4193

Malicious code in bioql PyPI...

CVSS 9.8, AI score 9.1, EPSS 0.00339
Exploits: 1, References: 3
OpenVAS
added 2025/05/07 12:00 a.m., 2 views

Do Not Enable Login Capabilities for Users Who Are Not Meant for Direct Login

Typically, a Linux system has multiple users, not all of which are used for login. For instance, some users are automatically created during the installation of software packages like systemd and dhcp. These users serve specific purposes, such as running related software services. It is essential...

AI score 7.4
Exploits: 0, References: 4
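The audit the OpenVAS entry above calls for, together with the /etc/shells trap in the MiracleLinux setup entry (CVE-2018-1113), as an added Node.js example that is neither the OpenVAS check nor the Tenable plugin: it parses constructed /etc/passwd and /etc/shells contents, flags service accounts that still carry an interactive shell, and shows why "listed in /etc/shells" is not the same as "login-capable" once nologin appears in that file. The UID boundary, the NON_LOGIN_SHELLS set and both files are constructed assumptions.

```javascript
// Added example, not part of the OpenVAS or Tenable checks. Audits constructed
// /etc/passwd and /etc/shells data for service accounts that can still log in.
// Assumptions: UIDs below 1000 other than root are service accounts, and the
// shells in NON_LOGIN_SHELLS never grant an interactive login.
const NON_LOGIN_SHELLS = new Set([
  "/sbin/nologin", "/usr/sbin/nologin", "/bin/false", "/usr/bin/false",
]);
const SYSTEM_UID_MAX = 999; // assumption: UID_MIN of 1000, as on Debian and RHEL

// Constructed /etc/shells that lists nologin, the CVE-2018-1113 condition.
const ETC_SHELLS = `/bin/sh
/bin/bash
/usr/bin/zsh
/sbin/nologin
`;

// Constructed /etc/passwd; "dhcp" and "backup" are the misconfigured accounts.
const PASSWD = `root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
systemd-network:x:101:102:systemd Network Management:/run/systemd:/usr/sbin/nologin
dhcp:x:104:110::/var/lib/dhcp:/bin/bash
backup:x:34:34:backup:/var/backups:/bin/sh
alice:x:1000:1000:Alice:/home/alice:/bin/zsh
`;

function parseEtcShells(text) {
  return new Set(
    text.split("\n").map((l) => l.trim()).filter((l) => l && !l.startsWith("#"))
  );
}

function parsePasswd(text) {
  return text.split("\n").filter(Boolean).map((line) => {
    const [name, , uid, gid, gecos, home, shell] = line.split(":");
    return { name, uid: Number(uid), gid: Number(gid), gecos, home, shell };
  });
}

// Naive test: "valid login shell" == "listed in /etc/shells". Once nologin is
// listed there (the setup package bug), nologin accounts look login-capable.
function naiveIsLoginShell(shell, shells) {
  return shells.has(shell);
}

// Hardened test: /etc/shells membership is necessary but not sufficient; known
// non-login shells are rejected whatever the file says.
function isLoginShell(shell, shells) {
  return shells.has(shell) && !NON_LOGIN_SHELLS.has(shell);
}

// Service accounts whose shell is not a known non-login shell. login(1) does not
// consult /etc/shells, so the audit keys on the deny list, not on that file.
function serviceAccountsWithLoginShell(passwdText) {
  return parsePasswd(passwdText)
    .filter((u) => u.uid !== 0 && u.uid <= SYSTEM_UID_MAX)
    .filter((u) => !NON_LOGIN_SHELLS.has(u.shell))
    .map((u) => ({
      name: u.name,
      shell: u.shell,
      fix: `usermod -s /usr/sbin/nologin ${u.name}`, // suggested remediation
    }));
}

const demoShells = parseEtcShells(ETC_SHELLS);
console.log("naive /sbin/nologin:", naiveIsLoginShell("/sbin/nologin", demoShells));
console.log("hardened /sbin/nologin:", isLoginShell("/sbin/nologin", demoShells));
console.log(serviceAccountsWithLoginShell(PASSWD));
```

The fix strings are suggestions only; on a host that exposes the nologin account through chsh, FTP daemons or other /etc/shells consumers, removing nologin from /etc/shells (the vendor fix for CVE-2018-1113) is the complementary step.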
Vulnrichment
added 2025/02/11 9:20 a.m., 10 views

CVE-2025-26410 Weak Hard-coded Credentials

The firmware of all Wattsense Bridge devices contain the same hard-coded user and root credentials. The user password can be easily recovered via password cracking attempts. The recovered credentials can be used to log into the device via the login shell that is exposed by the serial interface. T...

AI score 9.8, EPSS 0.00339
Exploits: 1, References: 2
CNNVD
added 2025/01/23 12:00 a.m., 1 view

ECOVACS robot lawnmowers and vacuums trust management vulnerability

ECOVACS robot vacuums and ECOVACS robot lawnmowers are both products of the Chinese company ECOVACS. ECOVACS robot vacuums are a line of vacuum cleaners. ECOVACS robot lawnmowers are a line of lawnmowers. A security vulnerability exists in the ECOVACS robot lawnmowers and vacuums that stems from th...

CVSS 7.6, AI score 6.8, EPSS 0.00112
Exploits: 1, References: 4
Tenable Nessus
added 2023/02/16 12:00 a.m., 41 views

SUSE SLES15 Security Update : git (SUSE-SU-2023:0418-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0418-1 advisory. - Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5,...

CVSS 8.8, AI score 7.5, EPSS 0.02579
Exploits: 4, References: 13
SUSE CVE
added 2023/02/15 5:36 a.m., 1 view

SUSE CVE-2013-4400

virt-login-shell in libvirt 1.1.2 through 1.1.3 allows local users to overwrite arbitrary files and possibly gain privileges via unspecified environment variables or command-line arguments...

CVSS 7.2, AI score 7.2, EPSS 0.00053
Exploits: 0, References: 3
SUSE CVE
added 2023/02/15 5:35 a.m., 2 views

SUSE CVE-2013-4548

The mm_newkeys_from_blob function in monitor_wrap.c in sshd in OpenSSH 6.2 and 6.3, when an AES-GCM cipher is used, does not properly initialize memory for a MAC context data structure, which allows remote authenticated users to bypass intended ForceCommand and login-shell restrictions via packet dat...

CVSS 6, AI score 8, EPSS 0.00305
Exploits: 1, References: 4
OSV
added 2022/10/19 12:15 p.m., 1 view

ALPINE-CVE-2022-39260

Git is an open source, scalable, distributed revision control system. git shell is a restricted login shell that can be used to implement Git's push/pull functionality via SSH. In versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4, the function that splits the...

CVSS 8.8, AI score 8.6, EPSS 0.02232
Exploits: 0, References: 1