CVE-2026-27144

The compiler is meant to unwrap pointers which are the operands of a memory move; a no-op interface conversion prevented the compiler from making the correct determination about non-overlapping moves, potentially leading to memory corruption at runtime...

OpenClaw's system.run allowlist can be bypassed through an unregistered time dispatch wrapper

Summary Allow-always exec approvals did not unwrap /usr/bin/time, so an unregistered time wrapper could bypass executable binding and reuse approval state for the inner command. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.3.22 - Latest released tag checked: v2026.3.23-...

GHSA-QM9X-V7CX-7RQ4 OpenClaw's system.run allowlist can be bypassed through an unregistered time dispatch wrapper

Summary Allow-always exec approvals did not unwrap /usr/bin/time, so an unregistered time wrapper could bypass executable binding and reuse approval state for the inner command. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.3.22 - Latest released tag checked: v2026.3.23-...

fingerprint-strings NSE Script

Prints the readable strings from service fingerprints of unknown services. Nmap's service and application version detection engine sends named probes to target services and tries to identify them based on the response. When there is no match, Nmap produces a service fingerprint for submission...

Mozilla Foundation Security Advisory 2011-43

Mozilla Foundation Security Advisory 2011-43 Title: loadSubScript unwraps XPCNativeWrapper scope parameter Impact: Critical Announced: September 27, 2011 Reporter: David Rees Products: Firefox, SeaMonkey Fixed in: Firefox 7.0 SeaMonkey 2.4 Description David Rees reported that the JSSubScriptLoade...