3 matches found
CVE-2026-52931
In the Linux kernel, the following vulnerability has been resolved: batman-adv: tpmeter: avoid use of uninit sender vars batadvtprecvack and batadvtpstop are only valid for tpvars in the BATADVTPSENDER role. When called with a BATADVTPRECEIVER role, it proceeds to read sender-only members that we...
CVE-2026-52931
CVE-2026-52931 — Linux kernel (batman-adv tp_meter): The vulnerability arises when batadv_tp_recv_ack() or batadv_tp_stop() are invoked with a tp_vars in the BATADV_TP_RECEIVER role. In that case, code paths access sender-only members that were never initialized, causing undefined behavior. The f...
User Impersonation
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to User Impersonation via the moderation action handling process. An attacker can perform unauthorized moderation actions by spoofing sender identity fields in tool-driven flows. Note: This ...