CVE-2026-41400

OpenClaw before 2026.3.31 contains an incomplete fix for CVE-2026-32062 where the voice-call component parses large WebSocket frames before start validation. Remote attackers can send oversized pre-start WebSocket frames to cause resource consumption and denial of service...

GHSA-2W79-R9G8-WMCR OpenClaw: Voice-call still parses large WebSocket frames before start validation (Incomplete fix for CVE-2026-32062)

Summary Incomplete fix for CVE-2026-32062: voice-call still parses large WebSocket frames before start validation Current Maintainer Triage - Normalized severity: medium - Assessment: v2026.3.28 still parses oversized pre-start voice-call WebSocket frames before start validation, and the unreleas...

OpenClaw: Voice-call still parses large WebSocket frames before start validation (Incomplete fix for CVE-2026-32062)

Summary Incomplete fix for CVE-2026-32062: voice-call still parses large WebSocket frames before start validation Current Maintainer Triage - Normalized severity: medium - Assessment: v2026.3.28 still parses oversized pre-start voice-call WebSocket frames before start validation, and the unreleas...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005669)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005669 advisory. In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Check start of empty przs during init After commit 30696378f68a pstore/ram: Do not...

Linux Distros Unpatched Vulnerability : CVE-2023-54021

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: set goal start correctly in ext4mbnormalizerequest We need to set acgex to notify the goal start used in ext4mbfindbygoal. Set acgex instead of acfex in...