98 matches found
CVE-2026-44713 pam_usb: Command injection via $TMUX environment variable leads to RCE as root
pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, src/tmux.c reads the user's $TMUX environment variable, splits it on commas, and interpolates the socket-path component directly into a shell command passed to popen. Because the value is placed insi...
CVE-2026-44296
Deskflow is a keyboard and mouse sharing app. Prior to 1.26.0.167, a remote, unauthenticated denial of service DoS vulnerability affects Deskflow servers running with TLS enabled the default. When any TCP peer connects to the listening port and its first bytes do not parse as a valid TLS...
CVE-2026-44296
Deskflow TLS multiplexer DoS (CVE-2026-44296): prior to 1.26.0.167, remote unauthenticated connections that fail TLS ClientHello cause SecureSocket::secureAccept to sleep for 1s on the multiplexer thread, stalling input delivery to all connected screens. A sustained stream of malformed handshakes...
CVE-2026-43244
A flaw was found in the Linux kernel's Kernel Connection Multiplexer KCM module. A local user could trigger an issue where, during partial sendmsg operations, an empty network buffer skb is incorrectly left in the fraglist. A subsequent zero-length write operation can then cause a kernel warning,...
CVE-2026-43155
In the Linux kernel, the following vulnerability has been resolved: mux: mmio: fix regmap leak on probe failure The mmio regmap that may be allocated during probe is never freed. Switch to using the device managed allocator so that the regmap is released on probe failures e.g. probe deferral and ...
tsMuxer 安全漏洞
tsMuxer is a transport stream multiplexer developed by Dan’s individual developer, used for re-mixing/reusing basic streams. Versions of tsMuxer 2.7.0 and earlier contain security vulnerabilities. These vulnerabilities stem from the function HevcVpsUnit::setFPS in the...
CVE-2026-32314
Yamux is a stream multiplexer over reliable, ordered connections such as TCP/IP. Prior to 0.13.10, the Rust implementation of Yamux can panic when processing a crafted inbound Data frame that sets SYN and uses a body length greater than DEFAULTCREDIT e.g. 262145. On the first packet of a new...
CVE-2026-22175
OpenClaw versions prior to 2026.2.23 contain an exec approval bypass vulnerability in allowlist mode where allow-always grants could be circumvented through unrecognized multiplexer shell wrappers like busybox and toybox sh -c commands. Attackers can exploit this by invoking arbitrary payloads...
CVE-2026-22175
OpenClaw versions prior to 2026.2.23 contain an exec approval bypass vulnerability in allowlist mode where allow-always grants could be circumvented through unrecognized multiplexer shell wrappers like busybox and toybox sh -c commands. Attackers can exploit this by invoking arbitrary payloads...
CVE-2026-22175
OpenClaw versions prior to 2026.2.23 contain an exec approval bypass vulnerability in allowlist mode where allow-always grants could be circumvented through unrecognized multiplexer shell wrappers like busybox and toybox sh -c commands. Attackers can exploit this by invoking arbitrary payloads...
EUVD-2026-12718
OpenClaw versions prior to 2026.2.23 contain an exec approval bypass vulnerability in allowlist mode where allow-always grants could be circumvented through unrecognized multiplexer shell wrappers like busybox and toybox sh -c commands. Attackers can exploit this by invoking arbitrary payloads...
CVE-2026-22175 OpenClaw < 2026.2.23 - Exec Approval Bypass via Unrecognized Multiplexer Shell Wrappers
OpenClaw versions prior to 2026.2.23 contain an exec approval bypass vulnerability in allowlist mode where allow-always grants could be circumvented through unrecognized multiplexer shell wrappers like busybox and toybox sh -c commands. Attackers can exploit this by invoking arbitrary payloads...
CVE-2026-22175 OpenClaw < 2026.2.23 - Exec Approval Bypass via Unrecognized Multiplexer Shell Wrappers
OpenClaw versions prior to 2026.2.23 contain an exec approval bypass vulnerability in allowlist mode where allow-always grants could be circumvented through unrecognized multiplexer shell wrappers like busybox and toybox sh -c commands. Attackers can exploit this by invoking arbitrary payloads...
CVE-2026-22175
OpenClaw versions prior to 2026.2.23 contain an exec approval bypass vulnerability in allowlist mode where allow-always grants could be circumvented through unrecognized multiplexer shell wrappers like busybox and toybox sh -c commands. Attackers can exploit this by invoking arbitrary payloads...
CVE-2026-22175
OpenClaw prior to 2026.2.23 is affected by an exec approval bypass in allowlist mode. Unrecognized multiplexer wrappers (e.g., busybox/toybox sh -c) can bypass allow-always restrictions, enabling invocation of arbitrary payloads under the same wrapper and bypassing execution restrictions. Affecte...
Softing smartLink SW-HT 安全漏洞
The Softing smartLink SW-HT is a HART multiplexer from Softing Corporation, allowing for easy and quick access to HART field devices without the need for additional hardware. Version 1.43 of the Softing smartLink SW-HT contains a security vulnerability caused by a null pointer dereferencing, whic...
CVE-2026-32314
Yamux is a stream multiplexer over reliable, ordered connections such as TCP/IP. Prior to 0.13.10, the Rust implementation of Yamux can panic when processing a crafted inbound Data frame that sets SYN and uses a body length greater than DEFAULTCREDIT e.g. 262145. On the first packet of a new...
CVE-2026-31814
Yamux is a stream multiplexer over reliable, ordered connections such as TCP/IP. From 0.13.0 to before 0.13.9, a specially crafted WindowUpdate can cause arithmetic overflow in send-window accounting, which triggers a panic in the connection state machine. This is remotely reachable over a normal...
PT-2026-25360
Yamux is a stream multiplexer over reliable, ordered connections such as TCP/IP. From 0.13.0 to before 0.13.9, a specially crafted WindowUpdate can cause arithmetic overflow in send-window accounting, which triggers a panic in the connection state machine. This is remotely reachable over a normal...
AdGuard Home: HTTP/2 Cleartext (h2c) Upgrade Authentication Bypass
VULNERABILITY: HTTP/2 Cleartext h2c Upgrade Authentication Bypass ======================================================================== Severity: CRITICAL CVSS 3.1: 9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CWE: CWE-287 Improper Authentication Component: internal/home/web.go Affected:...