Origin Validation Error

Overview Affected versions of this package are vulnerable to Origin Validation Error via the reuse of an easy handle in HTTP requests when a custom Host: header is set for the initial request and omitted in a subsequent one. An attacker can obtain cookies intended for a different host by exploiti...

CVE-2026-7336

CVE-2026-7336 is a use-after-free in WebRTC reported for Google Chrome versions before 147.0.7727.138. The issue allows remote code execution in the sandbox via a crafted HTML page. Affected product: Google Chrome (pre-147.7727.138). Root cause: use-after-free in WebRTC per the sources. Impact: a...

EUVD-2026-26099

OpenClaw before 2026.3.31 fails to properly sanitize PIPINDEXURL and UVINDEXURL environment variables in host execution contexts, allowing attackers to redirect Python package-index traffic. Attackers can exploit this bypass to intercept or manipulate package management operations by injecting...

JLSEC-2026-245 Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that...

Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions. Impact summary: If an attacker can influence whether the POLY1305 MAC...

Apache Airflow's asset dependency graph did not restrict nodes by the viewer's DAG read permissions

The asset dependency graph did not restrict nodes by the viewer's DAG read permissions: a user with read access to at least one DAG could browse the asset graph for any other asset in the deployment and learn the existence and names of DAGs and assets outside their authorized scope. Users are...

Brave Software: iOS Brave Playlist "Open in Private Tab" bypasses FaceID requirement for Private Tabs

A vulnerability was discovered in the Brave browser for iOS where adding or opening a song in the Brave playlist and holding for the "Open in new Private Tab" option bypassed the Face ID or passcode requirement for accessing Private Tabs. This affected Brave iOS version 1.88 and iOS version 26.4....

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a lack of handling for abnormal accesses to secure storage. This vulnerability may lead to an infinite...

OpenClaw: TOCTOU read in exec script preflight

Summary OpenClaw's exec script preflight validator previously validated and then read a script by mutable pathname. A local race could swap the path between validation and read, causing preflight analysis to inspect a different file identity than the one that passed the workspace boundary check...

GHSA-XGP8-3HG3-C2MH webpki: Name constraints were accepted for certificates asserting a wildcard name

Permitted subtree name constraints for DNS names were accepted for certificates asserting a wildcard name. This was incorrect because, given a name constraint of accept.example.com, .example.com could feasibly allow a name of reject.example.com which is outside the constraint. This is very simila...

Weblate: Improper access control for pending tasks in API

Impact The API for tasks didn't verify user access for pending tasks. This could expose logs of in-progress operations to users who don't have access to given scope. Patches https://github.com/WeblateOrg/weblate/pull/18515 Workarounds The attacker needs to guess the random UUID of the task, so...

ImageMagick has an off-by-one error in MSL decoder could result in crash

An off by one error in de MSL decoder could result in a crash when a malicous msl file is read...

curl: CVE-2026-6253: proxy credentials leak over redirect-to proxy

Summary: When libcurl follows a redirect and the new URL causes proxy re-selection, proxy credentials learned from the originally selected proxy URL can remain in per-transfer state and be reused for the next proxy. In the validated case, a redirect from http:// to https:// switches selection fro...

CVE-2026-3005

The affected software is the WordPress plugin List category posts . The vulnerability is a Stored Cross-Site Scripting (XSS) in the plugin’s 'catlist' shortcode due to insufficient input sanitization and output escaping on user-supplied attributes. It affects all versions up through 0.94.0 . Expl...

PT-2026-31351

Summary The sort natural filter bypasses the ownPropertyOnly security option, allowing template authors to extract values of prototype-inherited properties through a sorting side-channel attack. Applications relying on ownPropertyOnly: true as a security boundary e.g., multi-tenant template syste...

GO-2026-4865 JsBraceDepth Context Tracking Bugs (XSS) in html/template

Context was not properly tracked across template branches for JS template literals, leading to possibly incorrect escaping of content when branches were used. Additionally template actions within JS template literals did not properly track the brace depth, leading to incorrect escaping being...

GHSA-83F3-HH45-VFW9 OpenClaw: Android accepted cleartext remote gateway endpoints and sent stored credentials over ws://

Summary Before OpenClaw 2026.4.2, Android accepted non-loopback cleartext ws:// gateway endpoints and would send stored gateway credentials over that connection. Discovery beacons or setup codes could therefore steer the client onto a cleartext remote endpoint. Impact A user who followed a forged...

CVE-2026-4292 Privilege abuse in ModelAdmin.list_editable

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. Admin changelist forms using ModelAdmin.listeditable incorrectly allowed new instances to be created via forged POST data. Earlier, unsupported Django series such as 5.0.x, 4.1.x, and 3.2.x were not evaluated a...

CVE-2026-32484

creationtimestamp| type| source ---|---|--- 2026-04-07 08:30:07+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mivefnccqg2t...

PT-2026-30636

Memory corruption while preprocessing IOCTL request in JPEG driver...

GHSA-F693-58PC-2GFR OpenClaw: Telegram legacy allowFrom migration fans default-account trust into all named accounts

Summary Telegram legacy allowFrom migration fans default-account trust into all named accounts Current Maintainer Triage - Status: open - Normalized severity: low - Assessment: Shipped v2026.3.28 Telegram migration fans legacy default-account allowFrom trust into named accounts, which is an...