CVE-2026-53858

OpenClaw before 2026.5.2 contains an environment variable injection vulnerability where workspace .env STATEDIRECTORY could influence bundled runtime dependency roots. Attackers can manipulate the STATEDIRECTORY variable to load runtime dependencies from unintended local paths, potentially...

CVE-2026-53858

OpenClaw (pre-2026.5.2) is affected by CVE-2026-53858: an environment variable injection flaw where the workspace .env STATE_DIRECTORY can influence bundled runtime dependency roots. An attacker can manipulate STATE_DIRECTORY to load runtime dependencies from unintended local paths, potentially e...

CVE-2026-53858 OpenClaw < 2026.5.2 - Arbitrary Runtime Dependency Loading via STATE_DIRECTORY Environment Variable

OpenClaw before 2026.5.2 contains an environment variable injection vulnerability where workspace .env STATEDIRECTORY could influence bundled runtime dependency roots. Attackers can manipulate the STATEDIRECTORY variable to load runtime dependencies from unintended local paths, potentially...

[SECURITY] Fedora 44 Update: jq-1.8.1-3.fc44

lightweight and flexible command-line JSON processor jq is like sed for JSON data =E2=80=93 you can use it to slice and filter and map and transform structured data with the same ease that sed, awk, grep and friends let you play with text. It is written in portable C, and it has zero runtime...

adclaw (>=1.0.0 <=1.0.29), agentjet (=0.0.1) +27 more potentially affected by CVE-2024-8502 via agentscope (>=0.1.0 <=2.0.0)

agentscope PYPI version =0.1.0, =1.0.0, =0.3.0, =0.1.0, =0.2.0, =0.1.5, =1.0.0.post2, =0.1.0, =0.1.0, =0.0.1, =0.1.0.post1, =0.2.0, =0.4.0, =0.4.1 and more Source cves: CVE-2024-8502 Source advisory: SNYK:PYTHON-AGENTSCOPE-9511410...

Oracle Linux 9 : .NET / 9.0 (ELSA-2024-9543)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-9543 advisory. 9.0.100-1.0.1 - Add support for Oracle Linux 9.0.100-1 - Update to .NET SDK 9.0.100 and Runtime 9.0.0 - Resolves: RHEL-65539 9.0.100rc.2.24474.1-0.7 -...

[SECURITY] Fedora 39 Update: ghc-isocline-1.0.9-28.fc39

A Haskell wrapper around the Isocline C library alternative to GNU Readline. The Isocline library is included whole and there are no runtime dependencies...

[SECURITY] Fedora 40 Update: ghc-isocline-1.0.9-28.fc40

A Haskell wrapper around the Isocline C library alternative to GNU Readline. The Isocline library is included whole and there are no runtime dependencies...

SUSE-SU-2023:4496-1 Security update for libreoffice

This update for fixes the following issues: libreoffice was updated rom 7.5.4.1 to 7.6.2.1 jscPED-6799, jscPED-6800: - For the highlights of changes of version 7.6 please consult the official release notes: https://wiki.documentfoundation.org/ReleaseNotes/7.6 - You can check for each minor releas...

virt:ol and virt-devel:ol security, bug fix, and enhancement update

libvirt 8.0.0-5.2.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma 8.0.0-5.2.el8 - cpumap: Disable cpu64-rhel for host-model and baseline rhbz2084030 - cputest: Drop some old artificial baseline tests rhbz2084030 - cputest: Give...

OPENSUSE-SU-2021:2817-1 Security update for aws-cli, python-boto3, python-botocore, python-service_identity, python-trustme, python-urllib3

This patch updates the Python AWS SDK stack in SLE 15: General: aws-cli - Version updated to upstream release v1.19.9 For a detailed list of all changes, please refer to the changelog file of this package. python-boto3 - Version updated to upstream release 1.17.9 For a detailed list of all change...

Fedora 15 : libvirt-0.8.8-7.fc15 (2011-9091)

Fix for CVE-2011-2178, regression introduced in disk probe logic, Fix for CVE-2011-2511, integer overflow in VirDomainGetVcpus Make commandtest more robust, Add ARM to NUMA excludes Add several build and runtime dependencies to specfile Note that Tenable Network Security has extracted the precedi...