
16998 matches found

OSV
added 2026/02/19 11:12 p.m. | 6 views

CVE-2026-27002 OpenClaw: Docker container escape via unvalidated bind mount config injection

OpenClaw is a personal AI assistant. Prior to version 2026.2.15, a configuration injection issue in the Docker tool sandbox could allow dangerous Docker options (bind mounts, host networking, unconfined profiles) to be applied, enabling container escape or host data access. OpenClaw 2026.2.15 block...

CVSS 7.7 | AI score 5.5 | EPSS 0.00479
Exploits: 0 | References: 5

NVD
added 2026/02/19 8:25 p.m. | 8 views

CVE-2026-26201

emp3r0r is a C2 designed by Linux users for Linux environments. Prior to version 3.21.2, multiple shared maps are accessed without consistent synchronization across goroutines. Under concurrent activity, Go runtime can trigger fatal error: concurrent map read and map write, causing C2 process cra...

CVSS 7.5 | EPSS 0.00291
Exploits: 1 | References: 3

OSV
added 2026/02/19 9:19 a.m. | 7 views

SUSE-SU-2026:20470-1 Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise kernel 6.4.0-34.1 fixes various security issues. The following security issues were fixed: - CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205). - CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero ...

CVSS 7.4 | AI score 6.8 | EPSS 0.01345
Exploits: 8 | References: 11

vulnersOsv
added 2026/02/18 9:51 p.m. | 7 views

@agentuity/evals (>=0.0.104 <=2.0.23), @agentuity/hono (>=3.0.0-alpha.0 <=3.0.0-beta.4) +347 more potentially affected by CVE-2026-26280 via systeminformation (>=5.0.6 <=5.30.7)

systeminformation NPM version =5.0.6, =0.0.104, =3.0.0-alpha.0, =0.0.6, =0.0.63, =0.0.2, =3.0.0-alpha.0, =0.1.1, =0.1.1, =4.1.0, =4.0.0-devnet.2-patch.0, =0.0.1-2.1-beta-provision, =0.0.0-test.0, =0.0.0-test.0, =0.0.0-test.0, =5.0.0-private.20260319 and more Source cves: CVE-2026-26280 Source...

CVSS 8.4 | AI score 5.4 | EPSS 0.01107
Exploits: 1

Wallarm Lab
added 2026/02/18 12:0 p.m. | 6 views

From Shadow APIs to Shadow AI: How the API Threat Model Is Expanding Faster Than Most Defenses

The shadow technology problem is getting worse. Over the past few years, organizations have scaled microservices, cloud-native apps, and partner integrations faster than corporate governance models could keep up, resulting in undocumented or shadow APIs. We’re now seeing this pattern all over aga...

AI score 5.8
Exploits: 0

OSV
added 2026/02/18 9:5 a.m. | 6 views

RLSA-2026:2782 Important: nodejs:22 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Nodejs filesystem permissions bypass (CVE-2025-55132); nodejs: Nodejs denial of service (CVE-2026-21637); nodejs: Nodejs denial of service...

CVSS 7.5 | AI score 5.6 | EPSS 0.01056
Exploits: 2 | References: 7

Positive Technologies
added 2026/02/18 12:0 a.m. | 8 views

PT-2026-20964

Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.2.15. Description: A configuration injection issue in the Docker tool sandbox could allow dangerous Docker options (bind mounts, host networking, unconfined profiles) to be applied, potentially enabling container...

CVSS 9.8 | AI score 5.1 | EPSS 0.00479
Exploits: 0 | References: 12

Github Security Blog
added 2026/02/17 9:27 p.m. | 7 views

emp3r0r Affected by Concurrent Map Access DoS (panic/crash)

Summary: Multiple shared maps are accessed without consistent synchronization across goroutines. Under concurrent activity, Go runtime can trigger fatal error: concurrent map read and map write, causing C2 process crash (availability loss). Vulnerable Component (with code examples): Operator relay map h...

CVSS 7.5 | AI score 5.5 | EPSS 0.00291
Exploits: 1 | References: 5 | Affected Software: 1

OSV
added 2026/02/17 9:27 p.m. | 3 views

GHSA-F5P9-J34Q-PWCC emp3r0r Affected by Concurrent Map Access DoS (panic/crash)

Summary: Multiple shared maps are accessed without consistent synchronization across goroutines. Under concurrent activity, Go runtime can trigger fatal error: concurrent map read and map write, causing C2 process crash (availability loss). Vulnerable Component (with code examples): Operator relay map h...

CVSS 7 | AI score 5.5 | EPSS 0.00291
Exploits: 1 | References: 5

OSV
added 2026/02/17 1:30 p.m. | 7 views

OSEC-2026-01 Buffer Over-Read in OCaml Marshal Deserialization

Summary: A critical buffer over-read vulnerability in OCaml's Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock function, which performs unbounded memcpy operations usin...

CVSS 6.8 | AI score 6.8 | EPSS 0.00182
Exploits: 0 | References: 1

Securelist
added 2026/02/17 9:0 a.m. | 16 views

Divide and conquer: how the new Keenadu backdoor exposed links between major Android botnets

In April 2025, we reported on a then-new iteration of the Triada backdoor that had compromised the firmware of counterfeit Android devices sold across major marketplaces. The malware was deployed to the system partitions and hooked into Zygote – the parent process for all Android apps – to infect...

AI score 6.7
Exploits: 0

Positive Technologies
added 2026/02/17 12:0 a.m. | 6 views

PT-2026-20338

Name of the Vulnerable Software and Affected Versions: emp3r0r versions prior to 3.21.2. Description: The software accesses multiple shared maps without consistent synchronization across goroutines. Concurrent activity can trigger a fatal error: concurrent map read and map write, leading to a C2...

CVSS 9.9 | AI score 5.5 | EPSS 0.27661
Exploits: 44 | References: 116

Wiz blog
added 2026/02/16 9:19 p.m. | 6 views

From Detection to Remediation: It’s Time to Rethink AppSec Around Exploitability and Root Cause Fixes

Learn how Wiz is fundamentally changing AppSec by using the Security Graph to connect validated runtime vulnerabilities directly back to source code. Stop chasing alerts and fix what’s truly exploitable...

AI score 5.5
Exploits: 0

Oracle linux
added 2026/02/16 12:0 a.m. | 117 views

virt:ol and virt-devel:ol security update

libvirt 6.0.0-28.1.0.1 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma qemu-kvm 4.2.0-34.el83.5 - kvm-Drop-bogus-IPv6-messages.patch bz1939493 - Resolves: bz1939493 CVE-2020-10756 virt:rhel/qemu-kvm: QEMU: slirp: networking out-of-bounds read information disclosure vulnerability...

CVSS 6.5 | AI score 7 | EPSS 0.0051
Exploits: 0

Cvelist
added 2026/02/14 4:27 p.m. | 25 views

CVE-2026-23174 nvme-pci: handle changing device dma map requirements

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: handle changing device dma map requirements. The initial state of dma_needs_unmap may be false, but change to true while mapping the data iterator. Enabling swiotlb is one such case that can change the result. The nvme...

EPSS 0.00155
Exploits: 0 | References: 2

vulnersOsv
added 2026/02/13 8:53 p.m. | 6 views

@secustor/backstage-plugin-renovate-backend-module-runtime-direct (>=4.0.0 <=4.0.2), renovate-mcp (>=0.11.0 <=1.0.0) potentially affected by unknown CVE via renovate (>=43.118.0 <=43.46.0)

renovate NPM version =43.118.0, =4.0.0, =0.11.0, =1.0.0 Source cves: unknown CVE Source advisory: SNYK:JS-RENOVATE-15282784...

AI score 5.5
Exploits: 0

vulnersOsv
added 2026/02/13 8:53 p.m. | 8 views

@secustor/backstage-plugin-renovate-backend-module-runtime-direct (>=4.0.0 <=4.0.2), renovate-mcp (>=0.11.0 <=1.0.0) potentially affected by unknown CVE via renovate (>=43.118.0 <=43.46.0)

renovate NPM version =43.118.0, =4.0.0, =0.11.0, =1.0.0 Source cves: unknown CVE Source advisory: OSV:GHSA-8WC6-VGRQ-X6CF...

AI score 5.5
Exploits: 0

OSV
added 2026/02/13 6:4 a.m. | 0 views

SUSE-SU-2026:0491-1 Security update for the Linux Kernel RT (Live Patch 4 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.7.16 fixes various security issues. The following security issues were fixed: - CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473). - CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in...

AI score 5.8 | EPSS 0.00184
Exploits: 0 | References: 5

IBM Security Bulletins
added 2026/02/12 2:34 p.m. | 13 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Installation Manager and IBM Packaging Utility (CVE-2025-1470, CVE-2025-1471)

Summary: There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 11 used by IBM Installation Manager and IBM Packaging Utility. The IBM Installation Manager and IBM Packaging Utility have addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2025-1470 DESCRIPTION: In...

CVSS 7.8 | AI score 7.5 | EPSS 0.00171
Exploits: 0 | Affected Software: 1

Github Security Blog
added 2026/02/11 9:30 p.m. | 10 views

ajv has ReDoS when using `$data` option

ajv (Another JSON Schema Validator) through version 8.17.1 is vulnerable to Regular Expression Denial of Service (ReDoS) when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax ($data reference), which is passed directly to the JavaScript RegExp constructor...

CVSS 7.5 | AI score 5.9 | EPSS 0.00407
Exploits: 1 | References: 10 | Affected Software: 1