105 matches found
Fedora 45 : tailscale (2026-c3b7c062a3)
The remote Fedora 45 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c3b7c062a3 advisory. Automatic update for tailscale-1.98.4-1.fc45. Changelog Sun May 31 2026 Jonathan Wright - 1.98.4-1 - update to 1.98.4 - Allow nftables to satisfy...
aerobi-poc
Aerobi POC — Local simulation of camera monitoring Labo...
CVE-2026-41913
OpenClaw before 2026.4.4 contains a race condition vulnerability in shared-secret authentication that allows concurrent asynchronous requests to bypass the per-key rate-limit budget. Attackers can exploit this by sending multiple simultaneous authentication attempts to circumvent intended...
CVE-2026-41913 OpenClaw < 2026.4.4 - Rate-Limit Bypass via Concurrent Async Authentication Attempts
OpenClaw before 2026.4.4 contains a race condition vulnerability in shared-secret authentication that allows concurrent asynchronous requests to bypass the per-key rate-limit budget. Attackers can exploit this by sending multiple simultaneous authentication attempts to circumvent intended...
EUVD-2026-26119
OpenClaw before 2026.4.4 contains a race condition vulnerability in shared-secret authentication that allows concurrent asynchronous requests to bypass the per-key rate-limit budget. Attackers can exploit this by sending multiple simultaneous authentication attempts to circumvent intended...
CVE-2026-41913
OpenClaw before 2026.4.4 contains a race condition in shared-secret authentication that allows concurrent asynchronous requests to bypass the per-key rate-limit budget on Tailscale-capable paths. Attackers can exploit multiple simultaneous authentication attempts to circumvent intended rate-limit...
PT-2026-35795
OpenClaw before 2026.4.4 contains a race condition vulnerability in shared-secret authentication that allows concurrent asynchronous requests to bypass the per-key rate-limit budget. Attackers can exploit this by sending multiple simultaneous authentication attempts to circumvent intended...
OpenClaw: Concurrent async auth attempts can bypass the intended shared-secret rate-limit budget on Tailscale-capable paths
Impact Concurrent async auth attempts can bypass the intended shared-secret rate-limit budget on Tailscale-capable paths. Concurrent asynchronous shared-secret auth attempts could race the per-key rate-limit budget. OpenClaw is a user-controlled local assistant. This advisory is scoped to the...
GHSA-25WV-8PHJ-8P7R OpenClaw: Concurrent async auth attempts can bypass the intended shared-secret rate-limit budget on Tailscale-capable paths
Impact Concurrent async auth attempts can bypass the intended shared-secret rate-limit budget on Tailscale-capable paths. Concurrent asynchronous shared-secret auth attempts could race the per-key rate-limit budget. OpenClaw is a user-controlled local assistant. This advisory is scoped to the...
tailscale-1.96.4-1.1 on GA media (moderate)
tailscale-1.96.4-1.1 on GA media Announcement ID: openSUSE-SU-2026:10456-1 Rating: moderate Cross-References: CVE-2026-33747 CVSS scores: CVE-2026-33747 SUSE : 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2026-33747 SUSE : 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:...
OPENSUSE-SU-2026:10456-1 tailscale-1.96.4-1.1 on GA media
These are all security issues fixed in the tailscale-1.96.4-1.1 package on the GA media of openSUSE Tumbleweed...
[SECURITY] Fedora 43 Update: headscale-0.28.0-1.fc43
An open source, self-hosted implementation of the Tailscale control server...
[SECURITY] Fedora 44 Update: headscale-0.28.0-1.fc44
An open source, self-hosted implementation of the Tailscale control server...
CVE-2026-32045
OpenClaw versions prior to 2026.2.21 incorrectly apply tokenless Tailscale header authentication to HTTP gateway routes, allowing bypass of token and password requirements. Attackers on trusted networks can exploit this misconfiguration to access HTTP gateway routes without proper authentication...
Duplicate Advisory: OpenClaw's gateway tokenless Tailscale auth applied to HTTP routes
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-hff7-ccv5-52f8. This link is maintained to preserve external references. Original Description OpenClaw versions prior to 2026.2.21 incorrectly apply tokenless Tailscale header authentication to HTTP gateway...
GHSA-QWMF-95R9-GX9X Duplicate Advisory: OpenClaw's gateway tokenless Tailscale auth applied to HTTP routes
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-hff7-ccv5-52f8. This link is maintained to preserve external references. Original Description OpenClaw versions prior to 2026.2.21 incorrectly apply tokenless Tailscale header authentication to HTTP gateway...