2988 matches found
GHSA-77Q5-RR5V-X43Q OpenClaw: Trusted retry endpoint checks could match hostname prefixes
Summary Trusted retry endpoint checks could match hostname prefixes. In affected versions, a retry endpoint URL chosen by lower-trust input could pass validation by using a hostname prefix that resembled a trusted host. This advisory is scoped to the named feature and configuration. It does not...
GHSA-VXX3-6HC9-7CC3 OpenClaw: Combined POSIX shell options could confuse exec revalidation
Summary Combined POSIX shell options could confuse exec revalidation. In affected versions, a command request using combined shell flags could parse approval-time and execution-time shell options differently. This advisory is scoped to the named feature and configuration. It does not change...
GHSA-3WQP-PRF6-2M72 OpenClaw: Feishu dynamic-agent bindings could miss configWrites enforcement
Summary Feishu dynamic-agent bindings could miss configWrites enforcement. In affected versions, a Feishu sender using dynamic-agent binding behavior could create or update bindings without honoring the configured config-write control. This advisory is scoped to the named feature and configuratio...
GHSA-77PV-3W4Q-VRJ5 OpenClaw: QQBot pre-dispatch slash commands could skip allowFrom checks
Summary QQBot pre-dispatch slash commands could skip allowFrom checks. In affected versions, a QQBot sender able to invoke slash commands could dispatch the command before applying the configured allowFrom policy. This advisory is scoped to the named feature and configuration. It does not change...
GHSA-XR4F-MJXJ-W6W5 OpenClaw: Non-owner chat senders could issue device-pairing bootstrap codes
Summary The bundled device-pair plugin exposed /pair on normal chat command surfaces. In affected releases, authorized non-owner chat senders could issue device-pairing bootstrap codes without having owner, admin, or pairing scope. This issue does not affect unauthenticated users. The caller must...
GHSA-GP79-M99V-GJMH OpenClaw: Mattermost handlers could fall open when channel type was missing
Summary Mattermost handlers could fall open when channel type was missing. In affected versions, a Mattermost event missing channel type metadata could continue without applying the intended DM policy decision. This advisory is scoped to the named feature and configuration. It does not change...
GHSA-QJPC-QF9M-XWMR OpenClaw: Trusted-proxy Control UI WebSocket accepted client-declared scopes before pairing
Summary In trusted-proxy Control UI mode, OpenClaw accepted a WebSocket client's declared operator scopes before those scopes were bound to a server-approved pairing or trusted-proxy authorization baseline. This issue affects trusted-proxy Control UI deployments. It does not apply to shared-secre...
GHSA-C29C-2Q9C-PC86 OpenClaw: Slack allowFrom could bind to mutable display names
Summary Slack allowFrom could bind to mutable display names. In affected versions, a Slack account able to change display name metadata could match a policy entry through mutable display metadata. This advisory is scoped to the named feature and configuration. It does not change OpenClaw's...
GHSA-83W9-H5WV-J9XM OpenClaw: Node pairing reconnection could confuse approval scope state
Summary Node pairing reconnection could confuse approval scope state. In affected versions, a paired or reconnecting node session could mutate pairing state in a way that changed the approval scope decision. This advisory is scoped to the named feature and configuration. It does not change...
GHSA-2J8V-HWGC-X698 OpenClaw: Shell wrapper argv could change between approval and execution
Summary Shell wrapper argv could change between approval and execution. In affected versions, a command request using a shell wrapper form could approve one resolved argv shape and rebuild another for execution. This advisory is scoped to the named feature and configuration. It does not change...
GHSA-QH2F-99MV-MRCF OpenClaw: Bundle MCP loopback could miss its exec denylist on session spawn
Summary Bundle MCP loopback could miss its exec denylist on session spawn. In affected versions, a caller that can reach the affected bundled MCP session-spawn path could bypass the denylist that was intended for that loopback MCP entry point. This advisory is scoped to the named feature and...
GHSA-XWW8-GQVH-92X9 OpenClaw: Exec approval display truncation could hide the command being approved
Summary OpenClaw exec approvals could show a shortened command in the approval UI while keeping the full original command for execution. For very long commands, an approver could see and approve a benign-looking prefix while a hidden suffix remained part of the command that would run after...
EUVD-2026-41005
The following Poly Voice IP devices, CCX, Trio, and Edge E, might be inoperable if they connect to a malicious SIP server and receive malformed data. HP is releasing updates to mitigate these potential vulnerabilities...
firefox: thunderbird: Mitigation bypass in the DOM: Security component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...
OPENSUSE-SU-2026:21166-1 Security update for nano
This update for nano fixes the following issues: Changes in nano: - Update to version 9.1: When searching, the viewport is placed snug left where possible. The ability to read and write files in old Mac format a lone carriage return as line ending was removed. The ^T toggle between WhereIs and...
PT-2026-53005
Name of the Vulnerable Software and Affected Versions Fluentd versions prior to 1.19.3 Description The out http output plugin allows the use of placeholders, such as $tag, in the endpoint configuration parameter. If a placeholder value is derived from untrusted input, an attacker can control the...
CVE-2026-27604
FOSSBilling is a free, open-source billing and client management system. Starting in version 0.5.4 and prior to version 0.8.0, an authorization bypass in the API role handling allows unauthenticated access to privileged /api/system/ endpoints. Because system resolves to the cron admin identity,...
CVE-2026-56211
A remote code execution vulnerability was found in libaom, the reference AV1 codec implementation. Insufficient bounds validation in the AV1 encoder's SVC Scalable Video Coding layer ID control allows an attacker to supply crafted video frame pixels that overlap with internal encoder layer contex...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Thermal/debugfs: Fixed two locking issues related to the thermal zone debug. With the current locking mechanism for thermal zones in the debugfs code, user space can open the “mitigations” file for a thermal zone before the...
Astra Linux – Vulnerability in Linux
A vulnerability was discovered in the Linux kernel’s EBPF verifier when handling internal data structures. Internal memory locations could be exposed to userspace. A local attacker with the permission to insert eBPF code into the kernel can exploit this vulnerability to leak internal kernel memor...