CVE-2026-42434

OpenClaw versions 2026.4.5 before 2026.4.10 contain a sandbox escape vulnerability allowing sandboxed agents to override exec routing by specifying host=node. Attackers can bypass sandbox boundaries and route execution to remote nodes instead of intended sandbox paths...

CVE-2026-42434 OpenClaw 2026.4.5 < 2026.4.10 - Sandbox Escape via host Parameter Override in Exec Routing

OpenClaw versions 2026.4.5 before 2026.4.10 contain a sandbox escape vulnerability allowing sandboxed agents to override exec routing by specifying host=node. Attackers can bypass sandbox boundaries and route execution to remote nodes instead of intended sandbox paths...

EUVD-2026-27251

OpenClaw versions 2026.4.5 before 2026.4.10 contain a sandbox escape vulnerability allowing sandboxed agents to override exec routing by specifying host=node. Attackers can bypass sandbox boundaries and route execution to remote nodes instead of intended sandbox paths...

CVE-2026-42434

OpenClaw 2026.4.5 prior to 2026.4.10 has a sandbox-escape vulnerability. Sandboxed agents can override exec routing by specifying host=node, allowing attackers to bypass sandbox boundaries and route execution to remote nodes instead of the intended sandbox paths. Affected software: OpenClaw; vuln...

PT-2026-37006

Name of the Vulnerable Software and Affected Versions OpenClaw versions 2026.4.5 through 2026.4.9 Description Sandboxed agents can escape exec routing by specifying host=node. This allows attackers to bypass sandbox boundaries and route execution to remote nodes instead of the intended sandbox...

EUVD-2013-5877

Malware in sbrugna...

SUSE CVE-2013-6048

The getgrouptree function in lib/Munin/Master/HTMLConfig.pm in Munin before 2.0.18 allows remote nodes to cause a denial of service infinite loop and memory consumption in the munin-html process via crafted multigraph data...

Code injection

Dell PowerScale OneFS, versions 8.2.0.x-9.4.0.x contain allocation of Resources Without Limits or Throttling vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service and performance issue on that node...

Puppet does not properly restrict access to node resources

Puppet 2.6.0 through 2.6.3 does not properly restrict access to node resources, which allows remote authenticated Puppet nodes to read or modify the resources of other nodes via unspecified vectors...

ALBA-2021:3578 pacemaker bug fix and enhancement update

The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures. Bug Fixes and Enhancements: pacemaker seems to end up in an unfence loop BZ1972273 On a three-node cluster if two nodes are...

pacemaker bug fix and enhancement update

The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures. Bug Fixes and Enhancements: pacemaker seems to end up in an unfence loop BZ1972273 On a three-node cluster if two nodes are...

Monero: DoS for remote nodes using Slow Loris attack

Summary: Using the slow loris attack it's possible to make the the daemon unresponsive to all RPC requests without at least a restart. Description: I used this node.js application https://www.npmjs.com/package/sloww to perform the attack on one of my remote nodes, but any other implementation of...

RHEL 7 : ansible (RHSA-2018:2022)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2022 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does n...

[SECURITY] Fedora 24 Update: ansible-2.2.1.0-1.fc24

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

Medium: munin

Issue Overview: The getgrouptree function in lib/Munin/Master/HTMLConfig.pm in Munin before 2.0.18 allows remote nodes to cause a denial of service infinite loop and memory consumption in the munin-html process via crafted multigraph data. Munin::Master::Node in Munin before 2.0.18 allows remote...

DEBIAN-CVE-2013-6048

The getgrouptree function in lib/Munin/Master/HTMLConfig.pm in Munin before 2.0.18 allows remote nodes to cause a denial of service infinite loop and memory consumption in the munin-html process via crafted multigraph data...

CVE-2013-6048

The getgrouptree function in lib/Munin/Master/HTMLConfig.pm in Munin before 2.0.18 allows remote nodes to cause a denial of service infinite loop and memory consumption in the munin-html process via crafted multigraph data...

CVE-2013-2275

The default configuration for puppet masters 0.25.0 and later in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, allows remote authenticated nodes to submit reports for other nodes via unspecified vectors...