PT-2026-28449

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.11 Description The software contains an authorization bypass issue. Attackers possessing write-scoped access can execute admin-only session reset logic. Specifically, individuals with operator.write scope can...

brick-node (>=0.0.8 <=0.0.17), bud (=0.0.3) +18 more potentially affected by unknown CVE via new-command (>=0.0.0 <=2.0.0)

new-command NPM version =0.0.0, =0.0.8, =0.0.0, =0.0.0, =0.0.0, =0.0.3, =0.0.4, =0.0.5 and more Source cves: unknown CVE Source advisory: OSV:MAL-2025-27359...

MAL-2025-27359 Malicious code in new-command (npm)

The package new-command was found to contain malicious code...

Malicious code in new-command (npm)

The package new-command was found to contain malicious code...

Metasploit Wrap-Up 04/25/2025

AD CS workflow improvement with new PKCS12 features Given the increasing popularity of AD CS misconfiguration exploitation in recent years, Metasploit has been consistently improving its capabilities in this area. This week’s release introduces a new certs command to the msfconsole, enabling user...

CVE-2021-29499 Predictable SIF UUID Identifiers

SIF is an open source implementation of the Singularity Container Image Format. The siftool new command and func siftool.New produce predictable UUID identifiers due to insecure randomness in the version of the github.com/satori/go.uuid module used as a dependency. A patch is available in version...

Fedora 13 : sudo-1.7.4p4-1.fc13 (2010-14355)

update to new upstream version - sudo now uses /var/db/sudo for timestamps - new command available: sudoreplay - use native audit support - corrected license field value: BSD - ISC - added envkeep += HOME see rhbz614025 for backwards compatibility - added Defaults !visiblepw - fixes CVE-2010-2956...