Lucene search

14 matches found

ATTACKERKB
added 2026/05/21 9:27 a.m., 2 views

CVE-2026-45255

When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, they build up a list of network names and use bsddialog(1) to prompt the user to select a network. This is implemented using a shell script, and the code which handled network names was not careful to prevent expansion by...

CVSS 7.5, AI score 6, EPSS 0.00009
Exploits 0, References 2

Cvelist
added 2026/05/21 9:27 a.m., 30 views

CVE-2026-45255 Remote code execution via installer Wi-Fi access point scans

When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, they build up a list of network names and use bsddialog(1) to prompt the user to select a network. This is implemented using a shell script, and the code which handled network names was not careful to prevent expansion by...

EPSS 0.00009
Exploits 0, References 1

EUVD
added 2026/05/21 9:27 a.m., 6 views

EUVD-2026-31263

When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, they build up a list of network names and use bsddialog(1) to prompt the user to select a network. This is implemented using a shell script, and the code which handled network names was not careful to prevent expansion by...

CVSS 7.5, AI score 6, EPSS 0.00009
Exploits 0, References 1

OSV
added 2026/04/02 9:32 p.m., 1 view

GHSA-RF75-G96H-J3RM Duplicate Advisory: OpenClaw's complex interpreter pipelines could skip exec script preflight validation

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-fvx6-pj3r-5q4q. This link is maintained to preserve external references. Original Description: OpenClaw versions prior to commit 8aceaf5 contain a preflight validation bypass vulnerability in shell-bleed protecti...

CVSS 5.4, AI score 6.1, EPSS 0.00022
Exploits 0, References 4

Github Security Blog
added 2026/04/02 9:32 p.m., 2 views

Duplicate Advisory: OpenClaw's complex interpreter pipelines could skip exec script preflight validation

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-fvx6-pj3r-5q4q. This link is maintained to preserve external references. Original Description: OpenClaw versions prior to commit 8aceaf5 contain a preflight validation bypass vulnerability in shell-bleed protecti...

CVSS 5.4, AI score 6.1, EPSS 0.00022
Exploits 0, References 5, Affected Software 1

Snyk
added 2026/04/02 9:32 p.m., 2 views

Incomplete List of Disallowed Inputs

Overview: @openclaw/discord is an OpenClaw Discord channel plugin. Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs through the validateScriptFileForShellBleed process. An attacker can execute unauthorized script content by crafting piped, substituted, or...

CVSS 5.4, AI score 5.9, EPSS 0.00022
Exploits 0, References 2

ATTACKERKB
added 2026/04/02 6:15 p.m., 0 views

CVE-2026-34425

OpenClaw versions prior to commit 8aceaf5 contain a preflight validation bypass vulnerability in shell-bleed protection that allows attackers to execute blocked script content by using piped or complex command forms that the parser fails to recognize. Attackers can craft commands such as piped...

CVSS 5.4, AI score 6.1, EPSS 0.00022
Exploits 0, References 4

CVE
added 2026/04/02 6:15 p.m., 5 views

CVE-2026-34425

OpenClaw versions prior to commit 8aceaf5 contain a preflight validation bypass in the shell-bleed protection. The bypass lets attackers craft piped, subshell, or command-substitution forms that the parser fails to recognize, enabling execution of blocked script content that would otherwise be bl...

CVSS 5.4, AI score 6.1, EPSS 0.00022
Exploits 0, References 3, Affected Software 1

Positive Technologies
added 2026/04/02 12:0 a.m., 0 views

PT-2026-29868

Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to commit 8aceaf5. Description: OpenClaw versions prior to commit 8aceaf5 contain a preflight validation bypass in shell-bleed protection. This allows attackers to execute blocked script content by using piped or complex...

CVSS 5.4, AI score 6.1, EPSS 0.00022
Exploits 0, References 9

GithubExploit
added 2026/01/01 5:4 a.m., 137 views

Exploit for CVE-2024-41997

Warp Terminal RCE CVE-2024-41997 Command injection via unsa...

CVSS 6.6, AI score 8.2, EPSS 0.00125
Exploits 1

Vulnrichment
added 2018/08/15 8:0 p.m., 11 views

CVE-2018-0428

A vulnerability in the account management subsystem of Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to elevate privileges to root. The attacker must authenticate with valid administrator credentials. The vulnerability is due to improper implementation of access...

AI score 6.9, EPSS 0.00056
Exploits 0, References 3

Cisco
added 2018/08/15 4:0 p.m., 43 views

Cisco Web Security Appliance Privilege Escalation Vulnerability

A vulnerability in the account management subsystem of Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to elevate privileges to root. The attacker must authenticate with valid administrator credentials. The vulnerability is due to improper implementation of access...

CVSS 6.7, AI score 2.8, EPSS 0.00056
Exploits 0, References 1

0day.today
added 2015/01/29 12:0 a.m., 44 views

FortiAuthenticator v300 build 0007 Multiple Vulnerabilities

Fortinet FortiAuthenticator suffers from subshell bypass, cross site scripting, password disclosure, and file disclosure vulnerabilities. Fortinet FortiAuthenticator Multiple Vulnerabilities. Affected Versions: Verified on FortiAuthenticator v300 build 0007. Description...

AI score 7, EPSS 0.00343
Exploits 2

securityvulns
added 2014/10/15 12:0 a.m., 386 views

Aerohive Hive Manager and Hive OS Multiple Vulnerabilities

Aerohive Hive Manager and Hive OS Multiple Vulnerabilities. Affected Versions: Aerohive Hive Manager Stand-alone and Cloud = 6.1R3 and HiveOS 6.1R3 PDF:...

AI score 0.5
Exploits 0