GHSA-7FCC-CW49-XM78 OpenClaw has command injection via Windows shell fallback in Lobster tool execution
Summary The Lobster extension tool execution path used a Windows shell fallback shell: true after spawn failures EINVAL/ENOENT. In that fallback path, shell metacharacters in command arguments can be interpreted by the shell, enabling command injection. Affected Packages / Versions - Package:...
PT-2026-26235
Summary On Windows, the Lobster extension previously retried certain spawn failures ENOENT/EINVAL with shell: true for wrapper compatibility. In that fallback path, tool-provided arguments could be interpreted by cmd.exe if fallback was triggered. Affected Packages / Versions - Package: openclaw...
PT-2026-26240
Summary The Lobster extension tool execution path used a Windows shell fallback shell: true after spawn failures EINVAL/ENOENT. In that fallback path, shell metacharacters in command arguments can be interpreted by the shell, enabling command injection. Affected Packages / Versions - Package:...
Access Control Bypass
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Access Control Bypass in the sessions_spawn sandboxed session. An attacker can bypass intended sandbox restrictions by spawning a child process under an agent with sandboxing disabled,...
GHSA-P7GR-F84W-HQG5 OpenClaw's sandboxed sessions_spawn now enforces sandbox inheritance for cross-agent spawns
Summary A sandboxed session could use cross-agent sessions_spawn to create a child under an agent configured with sandbox.mode="off", downgrading runtime confinement. Impact In mixed-agent setups that allow cross-agent spawning, a sandboxed requester could escape into an unsandboxed child runtime...
Atlassian Jira Service Management Data Center and Server 10.3.0 < 10.3.16 (JSDSERVER-16497)
The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16497 advisory. - Versions of the package cross-spawn before 6.0.6, from 7.0.0 and before 7.0.5 are vulnerable to...
Security Bulletin: IBM watsonx Orchestrate Developer Edition is vulnerable to Regular Expression Denial of Service (ReDoS) due to cross-spawn
Summary cross-spawn is used by IBM watsonx Orchestrate Developer Edition as part of image: tools-runtime Vulnerability Details CVEID:CVE-2024-21538 DESCRIPTION: Versions of the package cross-spawn before 6.0.6, from 7.0.0 and before 7.0.5 are vulnerable to Regular Expression Denial of Service ReD...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003864)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003864 advisory. Four memory leaks in the nfp_flower_spawn_phy_reprs function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allow attackers to caus...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004020)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004020 advisory. Four memory leaks in the nfp_flower_spawn_phy_reprs function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allow attackers to caus...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004019)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004019 advisory. A memory leak in the nfp_flower_spawn_vnic_reprs function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allows attackers to cause ...
NOAA PMEL Live Access Server (LAS) command injection
RISK EVALUATION Sites running NOAA PMEL Live Access Server LAS are vulnerable to remote code execution via specially crafted requests that include PyFerret expressions. By leveraging a SPAWN command, a remote, unauthenticated attacker can execute arbitrary OS commands. 2. RECOMMENDED PRACTICES...
CVE-2025-62193
Sites running NOAA PMEL Live Access Server LAS are vulnerable to remote code execution via specially crafted requests that include PyFerret expressions. By leveraging a SPAWN command, a remote, unauthenticated attacker can execute arbitrary OS commands. Fixed in a version of...
CVE-2025-62193
The CVE-2025-62193 entry describes a remote code execution vulnerability in NOAA PMEL Live Access Server (LAS). Affected component: LAS handling PyFerret expressions in requests, exploitable via a SPAWN command by an unauthenticated remote attacker to execute arbitrary OS commands. Impact per sou...
CVE-2025-62193 NOAA PMEL Live Access Server (LAS) PyFerret command injection
Sites running NOAA PMEL Live Access Server LAS are vulnerable to remote code execution via specially crafted requests that include PyFerret expressions. By leveraging a SPAWN command, a remote, unauthenticated attacker can execute arbitrary OS commands. Fixed in a version of...
EUVD-2026-2723
Sites running NOAA PMEL Live Access Server LAS are vulnerable to remote code execution via specially crafted requests that include PyFerret expressions. By leveraging a SPAWN command, a remote, unauthenticated attacker can execute arbitrary OS commands. Fixed in a version of...
PT-2026-3061
Sites running NOAA PMEL Live Access Server LAS are vulnerable to remote code execution via specially crafted requests that include PyFerret expressions. By leveraging a SPAWN command, unauthenticated attackers can execute arbitrary OS commands...
OPENSUSE-SU-2026:20018-1 Security update for glib2
This update for glib2 fixes the following issues: Update to version 2.84.4. Security issues fixed: - CVE-2025-14512: integer overflow in the GIO escape_byte_string function when processing malicious files or remote filesystem attribute values can lead to denial-of-service (bsc#1254878). -...