CVE-2026-43568

OpenClaw versions 2026.4.5 before 2026.4.10 contain a privilege escalation vulnerability allowing write-scoped operators to modify persistent memory dreaming settings. Attackers with write-scoped gateway access can toggle admin-class configuration mutations through the /dreaming endpoint to...

Updated ffmpeg packages fix security vulnerabilities

An out-of-bounds read in the readglobalparam function libavcodec/av1dec.c of FFmpeg v8.0.1 allows attackers to cause a Denial of Service DoS via a crafted input. CVE-2026-30997 FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC Common Encryption subsample data to...

SharpCompress 路径遍历漏洞

SharpCompress is a pure C compression library developed by Adam Hathcock. It is compatible with.NET Standard 2.0, 2.1,.NET Core 3.1, and.NET 5.0. Versions of SharpCompress prior to 0.47.4 contained a path traversal vulnerability; this vulnerability stemmed from the IArchive.WriteToDirectory...

PT-2026-43199

The affected products perform improper length checking when parsing incoming HTTP requests, resulting in a size-limited out-of-bounds write. An unauthenticated remote attacker can exploit this flaw to cause a denial of service via a system crash on the affected device...

Important: dnsmasq

Issue Overview: A Denial of Service DoS vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet. CVE-2026-4890 A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause...

PT-2026-43240

When Compliance is enabled on Check Point Multi-Domain Management, an authenticated administrator with read-write access to one Management Domain CMA can modify stored metadata associated with Compliance Best Practices in another Management Domain, where the administrator has no access permission...

PT-2026-43369

Name of the Vulnerable Software and Affected Versions IBM HTTP Server version 8.5 IBM HTTP Server version 9.0 Description An issue exists that allows a denial of service in configurations where an attacker possesses write access to portions of the server configuration. Recommendations At the...

PT-2026-43414

Name of the Vulnerable Software and Affected Versions epa4all-client versions prior to 1.2.5 Description Any network-reachable caller can write arbitrary documents to any patient's electronic health record accessible by the institution's SMC-B card. In misconfigured deployments, such as those...

PT-2026-47106

A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as...

Check Point Multi-Domain Management 安全漏洞

Check Point Multi-Domain Management is a centralized security management platform provided by Check Point Israel. Check Point Multi-Domain Management has a security vulnerability. This vulnerability arises from the fact that when compliance is enabled in the multi-domain management system, verifi...

PT-2026-47112

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opj jp2 read header may lead to OOB heap memory write when the data stream p stream is too short and p image is not initialized...

PT-2026-47098

There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability...

PT-2026-43336

Name of the Vulnerable Software and Affected Versions NVIDIA Display Driver for Windows and Linux affected versions not specified Description An out-of-bounds write issue exists, which occurs when a program writes data past the end of the intended buffer. A successful exploit could result in deni...

CVE-2026-41863

Spring AI's support for Anthropic's Skills API used LLM-influenced filenames unsanitized in Path.resolve before writing files to disk. This could allow a malicious user to write files outside the intended target directory, including restricted directories. Affected versions: Spring AI: 1.1.0...

CVE-2026-2651

A vulnerability in MLflow versions =3.10.1.dev0 allows unauthorized access to multipart upload MPU endpoints when the --serve-artifacts mode is enabled. The authorization logic does not enforce resource-level permission checks for /mlflow-artifacts/mpu/ endpoints, enabling attackers to overwrite...

CVE-2026-41863

Spring AI's support for Anthropic's Skills API used LLM-influenced filenames unsanitized in Path.resolve before writing files to disk. This could allow a malicious user to write files outside the intended target directory, including restricted directories. Affected versions: Spring AI: 1.1.0...

CVE-2026-41863 LLM-influenced filename used unsanitized in Path.resolve before file write in Spring AI support for Anthropic Skills API

Spring AI's support for Anthropic's Skills API used LLM-influenced filenames unsanitized in Path.resolve before writing files to disk. This could allow a malicious user to write files outside the intended target directory, including restricted directories. Affected versions: Spring AI: 1.1.0...

VMware Spring AI 安全漏洞

VMware Spring AI is a development framework from VMware that integrates Artificial Intelligence and Large Language Modeling capabilities in the Spring ecosystem. A security vulnerability exists in VMware Spring AI versions 1.1.0 through 1.1.x. The vulnerability stems from a failure to clean up...

Exploit for Write-what-where Condition in Linux Linux_Kernel

No d...

CVE-2026-48136 - Authenticated Administrator Role-Based Access Control Bypass in Compliance

Symptoms - When Compliance is enabled on Check Point Multi-Domain Management, an authenticated administrator with read-write access to one Management Domain CMA can modify stored metadata associated with Compliance Best Practices in another Management Domain, where the administrator has no access...