CVE-2026-27486

OpenClaw CVE-2026-27486 affects the OpenClaw CLI up to version 2026.2.13, where cleanup uses system-wide process enumeration and pattern-based termination without verifying process ownership. On shared hosts, unrelated processes matching the pattern could be terminated. The issue is addressed in ...

EUVD-2026-5440

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Fix restoration of SVE context When SME is supported, Restoring SVE signal context can go wrong in a few ways, including placing the task into an invalid state where the kernel may read from out-of-bounds...

EUVD-2013-4176

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2017-14681

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The daemon in P3Scan 3.0rc1 and earlier creates a p3scan.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitra...

Linux Distros Unpatched Vulnerability : CVE-2022-49829

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/scheduler: fix fence ref counting We leaked dependency fences when processes were beeing killed. Additional to that grab a reference to the last scheduled...

CVE-2023-32695

socket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3...

CVE-2025-2794

CVE-2025-2794 describes an unsafe reflection vulnerability in Kentico Xperience (affecting Xperience up to and including version 13.0.180). An unauthenticated attacker can trigger the vulnerability to terminate the current process, resulting in a Denial-of-Service condition. The issue is rooted i...

Low: Red Hat Security Advisory: cockpit security update

An update for cockpit is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

DEBIAN-CVE-2024-50015

In the Linux kernel, the following vulnerability has been resolved: ext4: dax: fix overflowing extents beyond inode size when partially writing The daxiomaprw does two things in each iteration: map written blocks and copy user data to blocks. If the process is killed by userSee signal handling in...

CVE-2024-42267

In the Linux kernel, the following vulnerability has been resolved: riscv/mm: Add handling for VMFAULTSIGSEGV in mmfaulterror Handle VMFAULTSIGSEGV in the page fault path so that we correctly kill the process and we don't BUG the kernel...

CVE-2024-42267

In the Linux kernel, the following vulnerability has been resolved: riscv/mm: Add handling for VMFAULTSIGSEGV in mmfaulterror Handle VMFAULTSIGSEGV in the page fault path so that we correctly kill the process and we don't BUG the kernel...

Unveiling the Deceptive Dance: Phobos Ransomware Masquerading As VX-Underground

During a recent hunt, Qualys Threat Research has come across a ransomware family known as Phobos, impersonating VX-Underground. Phobos ransomware has been knocking on our door since early 2019 and is often seen being distributed via stolen Remote Desktop Protocol RDP connections. Strongly believe...

SUSE CVE-2017-13649

UnrealIRCd 4.0.13 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname" command. NOTE: t...

SUSE CVE-2018-6536

An issue was discovered in Icinga 2.x through 2.8.1. The daemon creates an icinga2.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for icinga2.pid modification before a root script...

MultipartParser denial of service with too many fields or files

Impact The MultipartParser using the package python-multipart accepts an unlimited number of multipart parts form fields or files. Processing too many parts results in high CPU usage and high memory usage, eventually leading to an OOM process kill. This can be triggered by sending too many small...

CVE-2022-43665

A denial of service vulnerability exists in the malware scan functionality of ESTsoft Alyac 2.5.8.645. A specially-crafted PE file can lead to killing target process. An attacker can provide a malicious file to trigger this vulnerability...

SUSE SLES11 Security Update : supportutils (SUSE-SU-2019:13976-1)

The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2019:13976-1 advisory. - Supportutils, before version 3.1-5.7.1, when run with command line argument -A searched the file system for a ndspath binary. If an attacker...

Financially Motivated Actors Are Expanding Access Into OT: Analysis of Kill Lists That Include OT Processes Used With Seven Malware Families

Mandiant Threat Intelligence has researched and written extensively on the increasing financially motivated threat activity directly impacting operational technology OT networks. Some of this research is available in our previous blog posts on industrial post-compromise ransomware and FireEye's...

CVE-2020-14974

CVE-2020-14974 affects IOBit Unlocker 1.1.2 (driver). A low-privilege user can obtain a handle-leak unlock and terminate processes (even SYSTEM) holding a handle via IOCTL code 0x222124. Root cause is tied to the driver interface exposed by IOCTL 0x222124, enabling unlocking of files and terminat...

CVE-2012-6136

tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes...