
44 matches found

Imperva Blog
added 2026/06/10 2:13 p.m., 6 views

Compromise OpenClaw with Prompt Injections in Message Objects

Executive Summary: As powerful personal AI assistants become increasingly widespread, their ability to access tools, files, and external services also makes them susceptible to prompt injection attacks, where malicious content can manipulate their behavior. This research evaluated OpenClaw against...

AI score: 5.8
Exploits: 0
CNNVD
added 2026/05/14 12:0 a.m., 9 views

Universal Tool Calling Protocol code issue vulnerability

Universal Tool Calling Protocol is an official Python implementation of the UTCP open-source protocol. Versions prior to 1.1.3 of Universal Tool Calling Protocol had code vulnerabilities, which stemmed from inconsistent trust boundaries and could lead to man-in-the-middle server request forgery...

CVSS: 4.7, AI score: 5.9, EPSS: 0.00168
Exploits: 0, References: 1
Cvelist
added 2026/04/29 6:6 p.m., 34 views

CVE-2026-7439 AgentFlow Local Web API Content-Type Validation Bypass

AgentFlow's local web API accepts non-JSON content types on POST /api/runs and POST /api/runs/validate endpoints without enforcing application/json validation, allowing attackers to bypass trust-boundary enforcement on sensitive operations. Attackers can exploit this content-type validation...

CVSS: 4.8, EPSS: 0.00089
Exploits: 0, References: 3
Packet Storm News
added 2026/04/28 12:0 a.m., 4 views

Threat-Oriented Digital Twinning for Security Evaluation of Autonomous Platforms

Open, unclassified research on secure autonomy is constrained by limited access to operational platforms, contested communications infrastructure, and representative adversarial test conditions. This paper presents a threat-oriented digital twinning methodology for cybersecurity evaluation of...

AI score: 5.3
Exploits: 0
CNNVD
added 2026/04/21 12:0 a.m., 9 views

OpenClaw security vulnerability

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.2 contained security vulnerabilities. These vulnerabilities were due to improper trust boundaries, which could allow untrusted workarea channel shadows to execute during built-i...

CVSS: 8.5, AI score: 6.1, EPSS: 0.00133
Exploits: 0, References: 1
Packet Storm News
added 2026/04/09 12:0 a.m., 4 views

Securing Retrieval-Augmented Generation: A Taxonomy of Attacks, Defenses, and Future Directions

Retrieval-augmented generation (RAG) significantly enhances large language models (LLMs) but introduces novel security risks through external knowledge access. While existing studies cover various RAG vulnerabilities, they often conflate inherent LLM risks with those specifically introduced by RAG. I...

AI score: 5.8
Exploits: 0
OSV
added 2026/04/07 11:57 a.m., 2 views

OPENSUSE-SU-2026:20468-1 Security update for python-cbor2

This update for python-cbor2 fixes the following issues:
- CVE-2025-68131: CBORDecoder reuse across trust boundaries can lead to leak of shareable values from previous decode calls via attacker-controlled messages (bsc1255783).
- CVE-2026-26209: uncontrolled recursion via crafted CBOR payloads can...

CVSS: 7.5, AI score: 7.1, EPSS: 0.00423
Exploits: 2, References: 4
Packet Storm News
added 2026/03/15 12:0 a.m., 2 views

Toward Secure Web to ERP Payment Flows: A Case Study of HTTP Header Trust Failures in SAP Based Systems

Electronic banking portals often sit in front of enterprise resource planning (ERP) systems such as SAP, mediating payment requests between users and back end financial infrastructure. When these integrations place excessive trust in client supplied HTTP metadata, subtle design flaws can arise that...

AI score: 5.8
Exploits: 0
EUVD
added 2025/12/31 10:1 p.m., 7 views

EUVD-2025-205866

CBORDecoder reuse can leak shareable values across decode calls...

CVSS: 6.9, AI score: 6.3, EPSS: 0.00423
Exploits: 1, References: 3
OSV
added 2025/12/31 2:15 a.m., 4 views

DEBIAN-CVE-2025-68131

cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) serialization format. Starting in version 3.0.0 and prior to version 5.8.0, when a CBORDecoder instance is reused across multiple decode operations, values marked with the shareable tag (28) persist in memory an...

CVSS: 7.5, AI score: 7.6, EPSS: 0.00423
Exploits: 1, References: 1
CVE
added 2025/12/31 1:15 a.m., 38 views

CVE-2025-68131

CVE-2025-68131 affects the cbor2 library's CBORDecoder when a decoder is reused across trust boundaries. Versions from 3.0.0 up to but not including 5.8.0 may retain shareable-tag (28) values in memory, allowing an attacker-controlled message to read data from earlier decoded messages via the sharedref tag (29)....

CVSS: 7.5, AI score: 6.4, EPSS: 0.00423
Exploits: 1, References: 2, Affected Software: 1
OSV
added 2025/12/31 1:15 a.m., 4 views

CVE-2025-68131 CBORDecoder reuse can leak shareable values across decode calls

cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) serialization format. Starting in version 3.0.0 and prior to version 5.8.0, when a CBORDecoder instance is reused across multiple decode operations, values marked with the shareable tag (28) persist in memory an...

CVSS: 6.9, AI score: 6.7, EPSS: 0.00423
Exploits: 1, References: 4
CNNVD
added 2025/12/31 12:0 a.m., 6 views

cbor2 security vulnerability

cbor2 is a library with extensive tag support for encoding and decoding binary object representations in serialized format from the individual developer Alex Grönholm. A security vulnerability exists in cbor2 version 3.0.0 up to and including version 5.8.0, which stems from the fact that when the...

CVSS: 7.5, AI score: 6.4, EPSS: 0.00423
Exploits: 1, References: 3
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2024-41611

Malicious code in bioql PyPI...

CVSS: 6.5, AI score: 7.3, EPSS: 0.00378
Exploits: 0, References: 1
Packet Storm News
added 2025/08/03 12:0 a.m., 4 views

Hard-Earned Lessons in Access Control at Scale: Enforcing Identity and Policy across Trust Boundaries with Reverse Proxies and MTLS

In today's enterprise environment, traditional access methods such as Virtual Private Networks (VPNs) and application-specific Single Sign-On (SSO) often fall short when it comes to securely scaling access for a distributed and dynamic workforce. This paper presents our experience implementing a...

AI score: 6.8
Exploits: 0
BDU FSTEC
added 2024/11/21 12:0 a.m., 4 views

The vulnerability of the Python extension for Visual Studio Code, a code editor from Visual Studio Code, relates to breaches of confidentiality boundaries, allowing the intruder to execute arbitrary code.

The vulnerability of the Python extension for the Visual Studio Code code editor involves breaching trust boundaries. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary code...

CVSS: 10, AI score: 5.9, EPSS: 0.01207
Exploits: 0, References: 3, Affected Software: 1
Tenable Nessus
added 2024/11/13 12:0 a.m., 18 views

Amazon Linux 2 : ecs-service-connect-agent, --advisory ALAS2ECS-2024-045 (ALASECS-2024-045)

The version of ecs-service-connect-agent installed on the remote host is prior to v1.29.9.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2024-045 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-report...

AI score: 6.8
Exploits: 0, References: 2
OSV
added 2024/09/21 7:10 a.m., 12 views

BIT-ENVOY-2024-45806 Potential manipulate `x-envoy` headers from external sources in envoy

Envoy is a cloud-native high-performance edge/middle/service proxy. A security vulnerability in Envoy allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy's default configuration ...

CVSS: 6.5, AI score: 6.9, EPSS: 0.00378
Exploits: 0, References: 2
RedhatCVE
added 2024/09/20 5:41 a.m., 21 views

CVE-2024-45806

A vulnerability was found in Envoy that allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy's default configuration of internal trust boundaries, which considers all RFC1918...

CVSS: 7.4, AI score: 6.8, EPSS: 0.00378
Exploits: 0, References: 4
NVD
added 2024/09/20 12:15 a.m., 22 views

CVE-2024-45806

Envoy is a cloud-native high-performance edge/middle/service proxy. A security vulnerability in Envoy allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy's default configuration ...

CVSS: 6.5, EPSS: 0.00378
Exploits: 0, References: 1