CVE-2026-26323 OpenClaw has a command injection in maintainer clawtributors updater

OpenClaw is a personal AI assistant. Versions 2026.1.8 through 2026.2.13 have a command injection in the maintainer/dev script scripts/update-clawtributors.ts. The issue affects contributors/maintainers or CI who run bun scripts/update-clawtributors.ts in a source checkout that contains a malicio...

CVE-2026-27014

NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, circular NextOffset chains cause an infinite loop, and deeply nested directories cause unbounded recursion stack overflow in the ROMFS archive parser. Version 6.0.1630.0 patches the issue...

PT-2026-20654

Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployment configurations. From 0.47.0 to before 0.50.1, when a chain consisting of multiple CA Certificate Authority certificates is used in the trusted certificates configuration of a Kafka Connect opera...

PT-2026-20655

Name of the Vulnerable Software and Affected Versions Strimzi versions 0.49.0 through 0.50.0 Description Strimzi allows running an Apache Kafka cluster on Kubernetes or OpenShift. Versions 0.49.0 through 0.50.0 incorrectly configure trusted certificates for mTLS authentication when using a custom...

OpenClaw's sandbox config hash sorted primitive arrays and suppressed needed container recreation

Description normalizeForHash in src/agents/sandbox/config-hash.ts recursively sorted arrays that contained only primitive values. This made order-sensitive sandbox configuration arrays hash to the same value even when order changed. In OpenClaw sandbox flows, this hash is used to decide whether...

GHSA-2GJW-FG97-VG3R Go Ethereum affected by DoS via malicious p2p message

Impact A vulnerable node can be forced to shutdown/crash using a specially crafted message. More details to be released later. Patches The problem is resolved in the v1.16.9 and v1.17.0 releases of Geth. Credit This issue was reported to the Ethereum Foundation Bug Bounty Program by Waleed Ahmed...

GHSA-Q447-RJ3R-2CGH OpenClaw affected by denial of service via unbounded webhook request body buffering

Summary Multiple webhook handlers accepted and buffered request bodies without a strict unified byte/time limit. A remote unauthenticated attacker could send oversized payloads and cause memory pressure, degrading availability. Details Affected packages: - openclaw npm: 2026.2.12 - clawdbot npm:...

OpenClaw's Windows cmd.exe parsing may bypass exec allowlist/approval gating

Summary On Windows nodes, exec requests were executed via cmd.exe /d /s /c . In allowlist/approval-gated mode, the allowlist analysis did not model Windows cmd.exe parsing and metacharacter behavior. A crafted command string could cause cmd.exe to interpret additional operations for example comma...

CVE-2025-69420 affecting package edk2 for versions less than 20230301gitf80f052277c8-46

CVE-2025-69420 affecting package edk2 for versions less than 20230301gitf80f052277c8-46. A patched version of the package is available...

CVE-2025-30269

Qsync Central is affected by a use of externally-controlled format string vulnerability. The issue allows a remote attacker who gains a user account to potentially obtain secret data or modify memory. Root cause: externally-controlled format strings in the affected component. A fixed version is a...

CVE-2026-2258 aardappel lobster wfc.h WaveFunctionCollapse memory corruption

A flaw has been found in aardappel lobster up to 2025.4. Affected by this vulnerability is the function WaveFunctionCollapse in the library dev/src/lobster/wfc.h. Executing a manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been published and ma...

CVE-2026-25764

OpenProject suffers a stored HTML injection in the time-tracking workflow prior to 16.6.7 and 17.0.3. The HTML is not escaped in the work package name, allowing an attacker with administrator privileges to inject HTML into the name when creating time-tracking entries, potentially affecting the Wo...

CVE-2026-25724

Claude Code is an agentic coding tool. Prior to version 2.1.7, Claude Code failed to strictly enforce deny rules configured in settings.json when accessing files through symbolic links. If a user explicitly denied Claude Code access to a file such as /etc/passwd and Claude Code had access to a...

Fedora 43 : phpunit9 (2026-8d8a292bba)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-8d8a292bba advisory. Version 9.6.34 - 2026-01-27 Fixed Regression introduced in PHPUnit 9.6.33 ---- Version 9.6.33 - 2026-01-27 Changed To prevent Poisoned Pipeline Execution PPE...

CVE-2025-62616 AutoGPT has SSRF vulnerability in SendDiscordFileBlock

AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.34, in SendDiscordFileBlock, the third-party library aiohttp.ClientSession.get is used directly to access the URL, b...

GHSA-M7GW-RFFQ-RXJM Winter CMS has Stored Cross-site Scripting (XSS) in Asset Manager

Impact Affected versions of Winter CMS allow users with access to the CMS Asset Manager were able to upload SVGs without automatic sanitization. To actively exploit this security issue, an attacker would need access to the Backend with a user account with the following permission: cms.manageasset...

OpenClaw vulnerable to Unauthenticated Local RCE via WebSocket config.apply

Summary An unauthenticated local client could use the Gateway WebSocket API to write config via config.apply and set unsafe cliPath values that were later used for command discovery, enabling command injection as the gateway user. Impact A local process on the same machine could execute arbitrary...

EUVD-2026-5373

melange allows users to build apk packages using declarative pipelines. In version 0.11.3 to before 0.40.3, an attacker who can influence the tar stream from a QEMU guest VM could write files outside the intended workspace directory on the host. The retrieveWorkspace function extracts tar entries...

CVE-2026-25054 n8n is Vulnerable to Stored Cross-Site Scripting via Markdown Rendering in Workflow UI

n8n is an open source workflow automation platform. Prior to versions 1.123.9 and 2.2.1, a Cross-Site Scripting XSS vulnerability existed in a markdown rendering component used in n8n's interface, including workflow sticky notes and other areas that support markdown content. An authenticated user...

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.4 XP 6.0.2.GA release

JBoss EAP XP 6.0.2.GA release on the EAP 8.1 base. See references for release notes. This is a cumulative patch release zip for the JBoss EAP XP 6.0.2 runtime distribution for use with EAP 8.1.4. Security Fixes: lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing...