OpenClaw's gateway config mutation guard allowed unsafe model-driven config writes

Summary The agent-facing gateway tool protects config.apply and config.patch with a model-to-operator trust boundary. That guard used a hand-maintained denylist of protected config paths. The config schema outgrew that denylist, leaving sensitive subtrees writable through model-driven gateway...

GHSA-CWJ3-VQPP-PMXR OpenClaw's gateway config mutation guard allowed unsafe model-driven config writes

Summary The agent-facing gateway tool protects config.apply and config.patch with a model-to-operator trust boundary. That guard used a hand-maintained denylist of protected config paths. The config schema outgrew that denylist, leaving sensitive subtrees writable through model-driven gateway...

NPM: OpenClaw's gateway config mutation guard allowed unsafe model-driven config writes

NPM: OpenClaw's gateway config mutation guard allowed unsafe model-driven config writes vulnerability discovered by ? in WordPress Npm openclaw versions 2026.4.23...

GHSA-7JM2-G593-4QRC OpenClaw: Agent gateway config mutations could change protected operator settings

Affected Packages / Versions - Package: openclaw npm - Affected versions: 2026.4.20 - Patched version: 2026.4.20 Impact The agent-facing gateway config.patch / config.apply guard did not cover several operator-trusted settings, including sandbox policy, plugin enablement, gateway auth/TLS, hook...

OpenClaw: Agent gateway config mutations could change protected operator settings

Affected Packages / Versions - Package: openclaw npm - Affected versions: 2026.4.20 - Patched version: 2026.4.20 Impact The agent-facing gateway config.patch / config.apply guard did not cover several operator-trusted settings, including sandbox policy, plugin enablement, gateway auth/TLS, hook...

Automatic Attack Script Generation: A MDA Approach

It is widely recognized that practical exercises are crucial for teaching cybersecurity in higher education. However, their setup is not only expensive, time-consuming, and prone to numerous errors, but also requires technical and programming skills to create attack contexts and scripts. To...

Knowledge-To-Data: LLM-Driven Synthesis of Structured Network Traffic for Testbed-Free IDS Evaluation

Realistic, large-scale, and well-labeled cybersecurity datasets are essential for training and evaluating Intrusion Detection Systems IDS. However, they remain difficult to obtain due to privacy constraints, data sensitivity, and the cost of building controlled collection environments such as...

Realistic Environmental Injection Attacks on GUI Agents

GUI agents built on LVLMs are increasingly used to interact with websites. However, their exposure to open-world content makes them vulnerable to Environmental Injection Attacks EIAs that hijack agent behavior via webpage elements. Many recent studies assume the attacker to be a regular user who...

CVE-2025-20262

CVE-2025-20262 affects Cisco Nexus 3000/9000 NX-OS standalone in PIM6. The issue arises from improper processing of PIM6 ephemeral data queries, allowing an authenticated, low-privileged remote attacker to crash the PIM6 process and cause DoS via adjacency flaps and DoS of PIM6/ephemeral query pr...

CVE-2025-20262 Cisco Nexus 3000 and 9000 Series Switches Protocol Independent Multicast Version 6 Denial of Service Vulnerability

A vulnerability in the Protocol Independent Multicast Version 6 PIM6 feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denia...

PT-2025-34888 · Cisco · Cisco Nexus 3000 Series Switches +1

Name of the Vulnerable Software and Affected Versions: Cisco Nexus 3000 Series Switches Cisco Nexus 9000 Series Switches Description: A vulnerability in the Protocol Independent Multicast Version 6 PIM6 feature could allow an authenticated, low-privileged, remote attacker to trigger a crash of th...

LATENT: LLM-Augmented Trojan Insertion and Evaluation Framework for Analog Netlist Topologies

Analog and mixed-signal A/MS integrated circuits ICs are integral to safety-critical applications. However, the globalization and outsourcing of A/MS ICs to untrusted third-party foundries expose them to security threats, particularly analog Trojans. Unlike digital Trojans which have been...

OESA-2024-2513 ansible security update

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

OESA-2024-2510 ansible security update

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

CVE-2024-46942

In OpenDaylight Model-Driven Service Abstraction Layer MD-SAL through 13.0.1, a controller with a follower role can configure flow entries in an OpenDaylight clustering deployment...

OpenDaylight 安全漏洞

OpenDaylight ODL is an open source SDN controller from OpenDaylight Open Source. A security vulnerability exists in OpenDaylight Model-Driven Service Abstraction Layer MD-SAL version 13.0.1 and earlier, which stems from the fact that controllers with the follower role can configure flow entries i...

PT-2024-32291 · Opendaylight · Opendaylight Md-Sal

Name of the Vulnerable Software and Affected Versions: OpenDaylight Model-Driven Service Abstraction Layer MD-SAL versions through 13.0.1 Description: A controller with a follower role can configure flow entries in an OpenDaylight clustering deployment. Recommendations: For OpenDaylight...

SAP BusinessObjects BW Publisher Service Elevation of Privilege Vulnerability

SAP BusinessObjects BW Publisher Service is a model-driven data warehouse product from SAP Germany. An elevation of privilege vulnerability exists in versions 420 and 430 of the SAP BusinessObjects BW Publisher Service, which stems from the use of search paths that contain un-referenced elements,...

Important: Red Hat Security Advisory: Ansible security and bug fix update (2.9.13)

An update for ansible is now available for Ansible Engine 2 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...

Fedora: Security Advisory for ansible (FEDORA-2020-87f5e1e829)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...