CVE-2026-34351

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows TCP/IP allows an authorized attacker to elevate privileges locally...

EUVD-2026-29672

Use after free in Windows TCP/IP allows an unauthorized attacker to execute code over a network...

EUVD-2026-29671

Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over an adjacent network...

CVE-2026-40399

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows TCP/IP allows an authorized attacker to elevate privileges locally...

Windows TCP/IP Denial of Service Vulnerability

...

PT-2026-40154

Name of the Vulnerable Software and Affected Versions Windows TCP/IP affected versions not specified Description A race condition occurs due to concurrent execution using a shared resource with improper synchronization in Windows TCP/IP. This allows an authorized attacker to elevate privileges...

PT-2026-40218

Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over a network...

Duplicate Advisory: OpenClaw: Webchat media embedding enforces local-root containment for tool-result files

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-mr34-9552-qr95. This link is maintained to preserve external references. Original Description OpenClaw versions 2026.4.7 before 2026.4.15 fail to enforce local-root containment on tool-result media paths, allowi...

CVE-2026-41389

OpenClaw 2026.4.7

PT-2026-33823

OpenClaw versions 2026.4.7 before 2026.4.15 fail to enforce local-root containment on tool-result media paths, allowing arbitrary local and UNC file access. Attackers can craft malicious tool-result media references to trigger host-side file reads or Windows network path access, potentially...

OpenClaw: Webchat media embedding enforces local-root containment for tool-result files

Summary Webchat tool-result media normalization could pass local and UNC-style file paths into the host-side media embedding path without applying the configured local-root containment policy. Impact A crafted tool-result media reference could cause the host to attempt local file reads or Windows...

CVE-2026-4682 Certain HP DeskJet All In One (AIO) Devices – Potential Remote Code Execution & Potential Buffer Overflow

Certain HP DeskJet All in One devices may be vulnerable to remote code execution caused by a buffer overflow when specially crafted Web Services for Devices WSD scan requests are improperly validated and handled by the MFP. WSD Scan is a Microsoft Windows–based network scanning protocol that allo...

CVE-2026-4682

Certain HP DeskJet All in One devices may be vulnerable to remote code execution caused by a buffer overflow when specially crafted Web Services for Devices WSD scan requests are improperly validated and handled by the MFP. WSD Scan is a Microsoft Windows–based network scanning protocol that allo...

EUVD-2026-22724

Unisys WebPerfect Image Suite versions 3.0.3960.22810 and 3.0.3960.22604 expose a deprecated .NET Remoting TCP channel that allows remote unauthenticated attackers to leak NTLMv2 machine-account hashes by supplying a Windows UNC path as a target file argument through object-unmarshalling...

PT-2026-33075

Name of the Vulnerable Software and Affected Versions HP DeskJet 2800e Series affected versions not specified HP DeskJet 2855e affected versions not specified Description Certain HP DeskJet All in One devices are subject to remote code execution due to a stack-based buffer overflow. This occurs...

Exploit for Reliance on Untrusted Inputs in a Security Decision in Microsoft

CTT-NFS-Vortex-RCE New Physics Disclosure This repository cont...

CVE-2026-20936

Out-of-bounds read in Windows NDIS allows an authorized attacker to disclose information with a physical attack...

Windows NDIS Information Disclosure Vulnerability

Out-of-bounds read in Windows NDIS allows an authorized attacker to disclose information with a physical attack...

PT-2026-2738

CVE-2026-20936 Out-of-bounds read in Windows NDIS allows an authorized attacker to disclose information with a physical attack. https://t.co/LV3E4qMazm...

CVE-2025-55339

Out-of-bounds read in Windows NDIS allows an authorized attacker to elevate privileges locally...