CVE-2026-34503 OpenClaw < 2026.3.28 - Incomplete WebSocket Session Termination on Device Removal and Token Revocation

OpenClaw before 2026.3.28 fails to disconnect active WebSocket sessions when devices are removed or tokens are revoked. Attackers with revoked credentials can maintain unauthorized access through existing live sessions until forced reconnection...

Acronis Cyber Protect Cloud Agent 安全漏洞

Acronis Cyber Protect Cloud Agent is a cloud agent developed by the Swiss company Acronis. Versions of Acronis Cyber Protect Cloud Agent prior to build 41124 contained security vulnerabilities. These vulnerabilities stemmed from the failure to delete credentials from the agent after they were...

Design/Logic Flaw

Ursa is a cryptographic library for use with blockchains. The revocation schema that is part of the Ursa CL-Signatures implementations has a flaw that could impact the privacy guarantees defined by the AnonCreds verifiable credential model, allowing a malicious holder of a revoked credential to...

Hyperledger Ursa Encryption Issue Vulnerability

Hyperledger Ursa is a Hyperledger open source cryptographic library for use with the blockchain. A cryptographic issue vulnerability exists in Hyperledger Ursa version 0.1.0 that stems from allowing a malicious holder of revoked credentials to generate a valid, non-revoked proof for that credenti...