
84 matches found

EUVD
added 12 hours ago, 8 views

EUVD-2026-38729

In the Linux kernel, the following vulnerability has been resolved: batman-adv: clear current gateway during teardown batadv_gw_node_free removes the gateway list entries during mesh teardown, but it does not clear the currently selected gateway. This leaves stale gateway state behind across cleanup...

5.7 AI score
Exploits: 0, References: 8
RedhatCVE
added 2026/06/05 7:51 p.m., 6 views

CVE-2013-10075

Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DBFile will create a session that does not exist. This can lead to sessions being revived, potentially with data that was to be deleted...

9.1 CVSS, 5.4 AI score, 0.00356 EPSS
Exploits: 0, References: 1
RedhatCVE
added 2026/05/13 2:22 p.m., 5 views

CVE-2026-31243

The mem0 1.0.0 server lacks authentication and authorization controls for its memory reset and table re-creation functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset operation, leading to the execution of a CREATE...

6.5 CVSS, 6 AI score, 0.00374 EPSS
Exploits: 0, References: 1
NVD
added 2026/05/12 6:16 p.m., 6 views

CVE-2026-31243

The mem0 1.0.0 server lacks authentication and authorization controls for its memory reset and table re-creation functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset operation, leading to the execution of a CREATE...

6.5 CVSS, 0.00374 EPSS
Exploits: 0, References: 2
CVE
added 2026/05/12 12:0 a.m., 13 views

CVE-2026-31243

The CVE-2026-31243 entry concerns the mem0 1.0.0 server, where the DELETE /memories endpoint lacks authentication/authorization controls. An unauthenticated attacker can trigger a memory reset that executes a CREATE TABLE SQL statement, potentially re-creating or altering schemas, causing data lo...

6.5 CVSS, 6 AI score, 0.00374 EPSS
Exploits: 0, References: 2, Affected Software: 1
Positive Technologies
added 2026/05/12 12:0 a.m., 11 views

PT-2026-40320

The mem0 1.0.0 server lacks authentication and authorization controls for its memory reset and table re-creation functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset operation, leading to the execution of a CREATE...

6 AI score, 0.00374 EPSS
Exploits: 0, References: 3
Vulnrichment
added 2026/05/08 7:44 a.m., 8 views

CVE-2013-10075 Apache::Session versions through 1.94 for Perl re-creates deleted sessions

Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DBFile will create a session that does not exist. This can lead to sessions being revived, potentially with data that was to be deleted...

5.8 AI score, 0.00356 EPSS
Exploits: 0, References: 1
Debian CVE
added 2026/05/08 7:44 a.m., 4 views

CVE-2013-10075

Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DBFile will create a session that does not exist. This can lead to sessions being revived, potentially with data that was to be deleted...

9.1 CVSS, 5.8 AI score, 0.00356 EPSS
Exploits: 0
RedhatCVE
added 2026/04/24 10:24 p.m., 2 views

CVE-2026-31662

A flaw was found in the Linux kernel's Transparent Inter-Process Communication (TIPC) protocol. An attacker can exploit an integer underflow vulnerability by sending duplicate group acknowledgment messages (GRP_ACK_MSG). This causes the bc_ackers counter to wrap around, leading to persistent network...

7.5 CVSS, 5.4 AI score, 0.00389 EPSS
Exploits: 0, References: 4
OSV
added 2026/04/24 3:16 p.m., 3 views

DEBIAN-CVE-2026-31662

In the Linux kernel, the following vulnerability has been resolved: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG The GRP_ACK_MSG handler in tipc_group_proto_rcv currently decrements bc_ackers on every inbound group ACK, even when the same member has already acknowledged the current broadcast...

7.5 CVSS, 5.3 AI score, 0.00389 EPSS
Exploits: 0, References: 1
Malwarebytes
added 2026/04/22 11:53 a.m., 7 views

Researcher claims Claude Desktop installs “spyware” on macOS

Security researcher Alexander Hanff wrote an article titled Anthropic secretly installs spyware when you install Claude Desktop. Claims like that are bound to create two sides, so we searched for an official rebuttal by Anthropic. But we couldn’t find one. It would surprise me very much if they’d...

6 AI score
Exploits: 0
ATTACKERKB
added 2026/04/01 1:40 a.m., 2 views

CVE-2026-3779

The application's list box calculate array logic keeps stale references to page or form objects after they are deleted or re-created, which allows crafted documents to trigger a use-after-free when the calculation runs and can potentially lead to arbitrary code execution...

7.8 CVSS, 6 AI score, 0.00309 EPSS
Exploits: 1, References: 2, Affected Software: 2
Positive Technologies
added 2026/04/01 12:0 a.m., 3 views

PT-2026-29439

Name of the Vulnerable Software and Affected Versions: Multiple / Unspecified Products (affected versions not specified). Description: The application's list box calculate array logic retains outdated references to page or form objects after their deletion or recreation. This allows specially crafted...

7.8 CVSS, 5.9 AI score, 0.00309 EPSS
Exploits: 1, References: 7
SUSE CVE
added 2026/02/26 12:27 a.m., 1 view

SUSE CVE-2026-21725

A time-of-create-to-time-of-use (TOCTOU) vulnerability lets recently deleted-then-recreated data sources be re-deleted without permission to do so. This requires several very stringent conditions to be met: - The attacker must have admin access to the specific datasource prior to its first deletion...

3.7 CVSS, 5.8 AI score, 0.00175 EPSS
Exploits: 0, References: 6
UbuntuCve
added 2026/02/25 1:16 p.m., 2 views

CVE-2026-21725

A time-of-create-to-time-of-use (TOCTOU) vulnerability lets recently deleted-then-recreated data sources be re-deleted without permission to do so. This requires several very stringent conditions to be met: - The attacker must have admin access to the specific datasource prior to its first deletion...

2.6 CVSS, 5.8 AI score, 0.00175 EPSS
Exploits: 0, References: 2
OSV
added 2026/02/25 1:16 p.m., 5 views

UBUNTU-CVE-2026-21725

A time-of-create-to-time-of-use (TOCTOU) vulnerability lets recently deleted-then-recreated data sources be re-deleted without permission to do so. This requires several very stringent conditions to be met: - The attacker must have admin access to the specific datasource prior to its first deletion...

2.6 CVSS, 5.8 AI score, 0.00175 EPSS
Exploits: 0, References: 3
AlpineLinux
added 2026/02/25 12:35 p.m., 3 views

CVE-2026-21725

A time-of-create-to-time-of-use (TOCTOU) vulnerability lets recently deleted-then-recreated data sources be re-deleted without permission to do so. This requires several very stringent conditions to be met: - The attacker must have admin access to the specific datasource prior to its first deletion...

2.6 CVSS, 5.5 AI score, 0.00175 EPSS
Exploits: 0, References: 1
Positive Technologies
added 2026/02/25 12:0 a.m., 5 views

PT-2026-21901

Name of the Vulnerable Software and Affected Versions: Grafana (affected versions not specified). Description: A time-of-create-to-time-of-use (TOCTOU) issue allows re-deletion of recently deleted and recreated data sources without authorization. The attack requires specific conditions: admin access to...

8.1 CVSS, 6 AI score, 0.00434 EPSS
Exploits: 1, References: 97
RedhatCVE
added 2026/02/21 1:30 a.m., 3 views

CVE-2026-27007

OpenClaw is a personal AI assistant. Prior to version 2026.2.15, normalizeForHash in src/agents/sandbox/config-hash.ts recursively sorted arrays that contained only primitive values. This made order-sensitive sandbox configuration arrays hash to the same value even when order changed. In OpenClaw...

4.8 CVSS, 5.5 AI score, 0.00157 EPSS
Exploits: 0, References: 1
NVD
added 2026/02/20 12:16 a.m., 8 views

CVE-2026-27007

OpenClaw is a personal AI assistant. Prior to version 2026.2.15, normalizeForHash in src/agents/sandbox/config-hash.ts recursively sorted arrays that contained only primitive values. This made order-sensitive sandbox configuration arrays hash to the same value even when order changed. In OpenClaw...

4.8 CVSS, 0.00157 EPSS
Exploits: 0, References: 3