OpenClaw has browser trace/download path symlink escape in temp output handling

Summary Browser trace/download output path handling allowed symlink-root and symlink-parent escapes from the managed temp root. Affected Packages / Versions - Package: openclaw npm - Latest published npm version: 2026.2.24 - Affected versions: = 2026.2.24 - Planned patched release: 2026.2.25 Impa...

OpenClaw has a path traversal in browser trace/download output paths may allow arbitrary file writes

Summary OpenClaw’s browser control API accepted user-supplied output paths for trace/download files without consistently constraining writes to OpenClaw-managed temporary directories. Impact If an attacker can access the browser control API, they could attempt to write trace/download output files...

Exploit for Use After Free in Google Android

CVE-2019-2215 Android Kernel Vulnerability CVE-2019-2215 tem...

Exploit for Use After Free in Google Android

CVE-2019-2215 Temproot for Bravia TV via CVE-2019-2215. Ov...

DEBIAN-CVE-2007-2444

Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user...