87 matches found
CVE-2026-43569
OpenClaw before 2026.4.9 contains an authentication bypass vulnerability allowing untrusted workspace plugins to be auto-enabled during non-interactive onboarding when provider auth choices are shadowed. Attackers can exploit this by crafting malicious workspace plugins that are automatically...
CVE-2026-43569
OpenClaw before 2026.4.9 contains an authentication bypass vulnerability allowing untrusted workspace plugins to be auto-enabled during non-interactive onboarding when provider auth choices are shadowed. Attackers can exploit this by crafting malicious workspace plugins that are automatically...
CVE-2026-43569 OpenClaw < 2026.4.9 - Untrusted Provider Plugin Auto-enablement via Workspace Provider Auth
OpenClaw before 2026.4.9 contains an authentication bypass vulnerability allowing untrusted workspace plugins to be auto-enabled during non-interactive onboarding when provider auth choices are shadowed. Attackers can exploit this by crafting malicious workspace plugins that are automatically...
CVE-2026-43569 OpenClaw < 2026.4.9 - Untrusted Provider Plugin Auto-enablement via Workspace Provider Auth
OpenClaw before 2026.4.9 contains an authentication bypass vulnerability allowing untrusted workspace plugins to be auto-enabled during non-interactive onboarding when provider auth choices are shadowed. Attackers can exploit this by crafting malicious workspace plugins that are automatically...
CVE-2026-43569 OpenClaw < 2026.4.9 - Untrusted Provider Plugin Auto-enablement via Workspace Provider Auth
OpenClaw before 2026.4.9 contains an authentication bypass vulnerability allowing untrusted workspace plugins to be auto-enabled during non-interactive onboarding when provider auth choices are shadowed. Attackers can exploit this by crafting malicious workspace plugins that are automatically...
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.9 contained security vulnerabilities. These vulnerabilities stemmed from authentication bypasses, allowing for the automatic activation of untrusted workspace plugins during...
Exploit for CVE-2026-31431
CVE-2026-31431 Copy Fail Exploit A Linux kernel page cache co...
[SECURITY] Fedora 44 Update: mupdf-1.27.1-10.fc44
MuPDF is a lightweight PDF viewer and toolkit written in portable C. The renderer in MuPDF is tailored for high quality anti-aliased graphics. MuPDF renders text with metrics and spacing accurate to within fractions of a pixel for the highest fidelity in reproducing the look of a printed page on...
Unsafe Dependency Resolution
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Unsafe Dependency Resolution in the authentication setup. An attacker can cause untrusted workspace plugins to be auto-enabled by leveraging non-interactive onboarding that selects a...
Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Microsoft
CVE-2024-30088 – WinRM Adapted PoC 📌 Summary This is a mo...
[SECURITY] Fedora 43 Update: mupdf-1.27.1-10.fc43
MuPDF is a lightweight PDF viewer and toolkit written in portable C. The renderer in MuPDF is tailored for high quality anti-aliased graphics. MuPDF renders text with metrics and spacing accurate to within fractions of a pixel for the highest fidelity in reproducing the look of a printed page on...
Computational Monogamy of Entanglement and Non-Interactive Quantum Key Distribution
Quantum key distribution QKD enables Alice and Bob to exchange a secret key over a public, untrusted quantum channel. Compared to classical key exchange, QKD achieves everlasting security: after the protocol execution the key is secure against adversaries that can do unbounded computations. On th...
Pura: an Efficient Privacy-Preserving Solution for Face Recognition
Face recognition is an effective technology for identifying a target person by facial images. However, sensitive facial images raises privacy concerns. Although privacy-preserving face recognition is one of potential solutions, this solution neither fully addresses the privacy concerns nor is...
Configure a Proper SSH Service Authentication Mode
A proper authentication mode helps ensure user and system data security. Typically, the user/password authentication mode is suitable for human-machine users. In non-interactive login scenarios, the public and private keys are suitable for authentication. In high-risk scenarios, only the public a...
Silenzio: Secure Non-Interactive Outsourced MLP Training
Outsourcing the ML training to cloud providers presents a compelling opportunity for resource constrained clients, while it simultaneously bears inherent privacy risks, especially for highly sensitive training data. We introduce Silenzio, the first fully non-interactive outsourcing scheme for the...
GHSA-FPR5-JP2J-4Q2F paillier-zk has ambiguous challenge derivation
Challenge derivation in non-interactive ZK proofs was ambiguous and that could lead to security vulnerability however, it's unknown if it could be exploited...
paillier-zk has ambiguous challenge derivation
Challenge derivation in non-interactive ZK proofs was ambiguous and that could lead to security vulnerability however, it's unknown if it could be exploited...
GHSA-RM66-9GH4-4GP8 cggmp21 vulnerable to ambiguous challenge derivation
Challenge derivation in non-interactive ZK proofs was ambiguous and that could lead to security vulnerability however, it's unknown if it could be exploited...
cggmp21 vulnerable to ambiguous challenge derivation
Challenge derivation in non-interactive ZK proofs was ambiguous and that could lead to security vulnerability however, it's unknown if it could be exploited...
GHSA-7JJX-3QW9-J6H6 cggmp21-keygen has ambiguous challenge derivation
Challenge derivation in non-interactive ZK proofs was ambiguous and that could lead to security vulnerability however, it's unknown if it could be exploited...