7830 matches found
EUVD-2026-27293
OpenClaw before 2026.4.10 contains a plugin trust bypass vulnerability that allows channel setup catalog lookups to resolve workspace plugin shadows before bundled channel plugins. Attackers can exploit this by crafting malicious workspace plugins that bypass intended trust gates during setup-tim...
CVE-2026-43571 OpenClaw < 2026.4.10 - Untrusted Workspace Plugin Shadow Resolution in Channel Setup
OpenClaw before 2026.4.10 contains a plugin trust bypass vulnerability that allows channel setup catalog lookups to resolve workspace plugin shadows before bundled channel plugins. Attackers can exploit this by crafting malicious workspace plugins that bypass intended trust gates during setup-tim...
CVE-2026-43571
OpenClaw before 2026.4.10 contains a plugin trust bypass vulnerability that allows channel setup catalog lookups to resolve workspace plugin shadows before bundled channel plugins. Attackers can exploit this by crafting malicious workspace plugins that bypass intended trust gates during setup-tim...
SUSE CVE-2026-43052
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check tdls flag in ieee80211tdlsoper When NL80211TDLSENABLELINK is called, the code only checks if the station exists but not whether it is actually a TDLS station. This allows the operation to proceed for non-TDL...
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.10 contained security vulnerabilities. These vulnerabilities stemmed from bypassing plugin trust mechanisms, allowing attackers to circumvent the expected trust levels when...
📄 phpMyFAQ 4.0.16 Improper Authorization
phpMyFAQ versions 4.0.16 and below suffer from an improper authorization vulnerability. Exploit Title: phpMyFAQ = 4.0.16 - Improper Authorization Google Dork: N/A Date: 2026-01-23 Exploit Author: GUIA BRAHIM FOUAD Vendor Homepage: https://www.phpmyfaq.de/ Software Link:...
Important: kernel6.12
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: landlock: Fix handling of disconnected directories CVE-2025-68736 In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Fix restoration of SVE context CVE-2026-23102 In the Linu...
Missing Authentication for Critical Function
Overview github.com/0xJacky/Nginx-UI/api/system is a yet another Nginx Web UI Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the api/install endpoint during the initial setup process. An attacker can gain unauthorized administrative access by...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the api/install endpoint during the initial setup process. An attacker can gain unauthorized administrative access by sending a crafted installation request before the legitimate operator...
MAL-2026-3333 Malicious code in rogiant-quick-install (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 efdebb03bb05b0da602f813ad321bbc81c658ac1bec059a5a7fa73fed277a53b During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
MAL-2026-3332 Malicious code in rogiant (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c7f7e1dc50782abed477c5013c8a732e952d747ffa770f399571ff468699b8f3 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
Malicious code in rogiant (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c7f7e1dc50782abed477c5013c8a732e952d747ffa770f399571ff468699b8f3 During installation package downloads and runs a malicious executable. Likely continuation of 2026-03-rowrap. The campaign is built over a malicious Roblox API...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: brcmfmac: pcie: Firmware is released in the brmfipciesetup error path. This prevents memory leaks if the brmfichipgetraminfo function fails. Note that the CLM blob is released in the device removal path...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: um: line: always fill errorout in setuponeline The pointer is not initialized by the callers, but I’ve encountered cases where it is still printed; initialize it in all possible cases within setuponeline...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix memory leak in gpiochipsetupdev Here is a backtrace report about memory leak detected in gpiochipsetupdev: unreferenced object 0xffff88810b406400 size 512: comm "python3", pid 1682, jiffies 4295346908 age 24.090s...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fixed a possible crash that occurred when setting up bsg failed. If bsgsetupqueue fails, the bsgqueue is assigned a non-NULL value. Consequently, in mpi3mrbsgexit, the condition “if!mrioc-bsgqueue” will not be...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: A potential memory leak has been fixed in setupbasectxt. setupbasectxt allocates a memory chunk for uctxt-groups using hfi1allocctxtrcvgroups. When inituserctxt fails, uctxt-groups is not released, which can lead to a...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: In md/raid10, there is a issue where memory leaks occur in the MD thread. In raid10run, if setupconf succeeds and raid10run fails before setting ‘mddev-thread’, then the variable ‘conf-thread’ is not freed after the failure. This...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: cxl/region: Do not attempt cleanup after a failure in cxlRegionAttach. Commit 5e42bcbc3fef “cxl/region: Decrement -nrtargets in case of errors in cxlRegionAttach” attempted to prevent initialization errors when -nrtargets...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: xfs: fixed a UAF Use-After-Value issue in xattr repair. The xchksetupxattrbuf function can allocate a new value buffer; therefore, any reference to ab-value before the call could become a dangling pointer. This issue was fixed...