CVE-2026-35649 OpenClaw < 2026.3.22 - Settings Reconciliation Bypass via Empty Allowlist

OpenClaw before 2026.3.22 contains a settings reconciliation vulnerability that allows attackers to bypass intended deny-all revocations by exploiting empty allowlist handling. The vulnerability treats explicit empty allowlists as unset during reconciliation, silently undoing intended access...

DEBIAN-CVE-2016-7433

NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."...

CVE-2016-7433

CVE-2016-7433 affects ntpd (ntp) prior to 4.2.8p9. Root cause: initial sync calculations regression where the root distance did not include peer dispersion. This can cause incorrect timing calculations, with documented potential for denial of service or disruption. Remediation: upgrade ntp to 4.2...

WordPress plugin WPML 'menu sync' function has unspecified vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.WPML is one of the multi-language plug-ins. A security vulnerability exists in the 'menu sync' function of the...