Security Bulletin: Consul-template vulnerable to sandbox path bypass in file helper via a symlink attack

Summary The consul-template library before version 0.42.0 is vulnerable to a sandbox path bypass in the file template helper that may allow reading an out-of-sandbox file. This vulnerability CVE-2026-5061 is fixed in consul-template 0.42.0. Vulnerability Details CVEID:CVE-2026-5061 DESCRIPTION:...

OpenClaw: Sandbox `writeFile` commit could race outside the validated path

Summary In affected versions of openclaw, the sandbox fs-bridge writeFile commit step used an unanchored container path during the final move into place. An attacker racing parent-path changes inside the sandbox could redirect the committed file outside the validated sandbox path. Impact This is ...

GHSA-XMV6-R34M-62P4 OpenClaw: Sandbox media fallback tmp symlink alias bypass allows host file reads outside sandboxRoot

Summary A sandbox path validation bypass in openclaw allows host file reads outside sandboxRoot via the media path fallback tmp flow when the fallback tmp root is a symlink alias. Affected Packages / Versions - Package: npm openclaw - Affected versions: without verifying that fallback path was a...

CVE-2021-27205

Telegram before 7.4 212543 Stable on macOS stores the local copy of self-destructed messages in a sandbox path, leading to sensitive information disclosure...

CVE-2021-27205

Telegram before 7.4 212543 Stable on macOS stores the local copy of self-destructed messages in a sandbox path, leading to sensitive information disclosure...