Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 Copy Fail Toolset This repository contains t...

CVE-2026-43568

OpenClaw versions 2026.4.5 before 2026.4.10 contain a privilege escalation vulnerability allowing write-scoped operators to modify persistent memory dreaming settings. Attackers with write-scoped gateway access can toggle admin-class configuration mutations through the /dreaming endpoint to...

CVE-2026-43568 OpenClaw 2026.4.5 through 2026.4.9 - Privilege Escalation via Memory Dreaming Configuration in /dreaming Endpoint

OpenClaw versions 2026.4.5 before 2026.4.10 contain a privilege escalation vulnerability allowing write-scoped operators to modify persistent memory dreaming settings. Attackers with write-scoped gateway access can toggle admin-class configuration mutations through the /dreaming endpoint to...

EUVD-2026-27287

OpenClaw versions 2026.4.5 before 2026.4.10 contain a privilege escalation vulnerability allowing write-scoped operators to modify persistent memory dreaming settings. Attackers with write-scoped gateway access can toggle admin-class configuration mutations through the /dreaming endpoint to...

CVE-2026-43568

OpenClaw is affected: versions 2026.4.5 up to (but not including) 2026.4.10 contain a privilege-escalation flaw in the memory-dreaming configuration. With write-scoped gateway access, an attacker can modify persistent memory dreaming settings via the /dreaming endpoint to escalate privileges (adm...

CVE-2026-43568

OpenClaw versions 2026.4.5 before 2026.4.10 contain a privilege escalation vulnerability allowing write-scoped operators to modify persistent memory dreaming settings. Attackers with write-scoped gateway access can toggle admin-class configuration mutations through the /dreaming endpoint to...

CVE-2026-42433 OpenClaw < 2026.4.10 - Unauthorized Matrix Profile Config Persistence Access via operator.write Message Tools

OpenClaw before 2026.4.10 contains an authorization bypass vulnerability allowing operator.write message-tool paths to access Matrix profile persistence requiring admin-level authority. Attackers can exploit insufficient access controls to mutate persistent profile configuration through non-owner...

CVE-2026-42433 OpenClaw < 2026.4.10 - Unauthorized Matrix Profile Config Persistence Access via operator.write Message Tools

OpenClaw before 2026.4.10 contains an authorization bypass vulnerability allowing operator.write message-tool paths to access Matrix profile persistence requiring admin-level authority. Attackers can exploit insufficient access controls to mutate persistent profile configuration through non-owner...

CVE-2026-42433

OpenClaw vulnerable before 2026.4.10: an authorization bypass lets an operator.write message-tool path access Matrix profile persistence with admin-level authority. Exploitation would allow non-owner message-tools to mutate persistent profile configuration due to insufficient access controls. Aff...

CVE-2026-20451

In slbc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10828685; Issue ID: MSV-6504...

libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion

A flaw was found in libpng. A remote attacker could exploit an out-of-bounds read and write vulnerability in the ARM/AArch64 Neon-optimized palette expansion path. This occurs when processing a final partial chunk of 8-bit paletted rows without verifying sufficient input pixels, leading to...

libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion

A flaw was found in libpng. A remote attacker could exploit an out-of-bounds read and write vulnerability in the ARM/AArch64 Neon-optimized palette expansion path. This occurs when processing a final partial chunk of 8-bit paletted rows without verifying sufficient input pixels, leading to...

libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion

A flaw was found in libpng. A remote attacker could exploit an out-of-bounds read and write vulnerability in the ARM/AArch64 Neon-optimized palette expansion path. This occurs when processing a final partial chunk of 8-bit paletted rows without verifying sufficient input pixels, leading to...

SUSE CVE-2026-37457

An off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function bgpd/bgpflowspecutil.c of FRRouting FRR stable/10.0 allows attackers to cause a Denial of Service DoS via supplying a crafted FlowSpec component...

CVE-2026-44029

An issue was discovered in Nix before 2.34.7. Writing to arbitrary files can occur via "nix-prefetch-url --unpack" or "nix store prefetch-file --unpack" directory traversal. The fixed versions are 2.34.7, 2.33.6, 2.32.8, 2.31.5, 2.30.5, 2.29.4, and 2.28.7 introduced in 2.24.7;...

UBUNTU-CVE-2026-44029

An issue was discovered in Nix before 2.34.7. Writing to arbitrary files can occur via "nix-prefetch-url --unpack" or "nix store prefetch-file --unpack" directory traversal. The fixed versions are 2.34.7, 2.33.6, 2.32.8, 2.31.5, 2.30.5, 2.29.4, and 2.28.7 introduced in 2.24.7;...

CVE-2026-44029

CVE-2026-44029 affects Nix prior to 2.34.7. The issue allows writing to arbitrary files via directory traversal in commands like nix-prefetch-url --unpack and nix store prefetch-file --unpack. Fixed in 2.34.7 (and older branches 2.33.6, 2.32.8, 2.31.5, 2.30.5, 2.29.4, 2.28.7; introduced in 2.24.7...

📄 NiceGUI 3.6.1 Path Traversal

NiceGUI version 3.6.1 suffers from a path traversal vulnerability. Exploit Title: NiceGUI 3.6.1 - Path Traversal Author: Mohammed Idrees Banyamer Instagram: @banyamersecurity GitHub: https://github.com/mbanyamer Date: 2025-06-06 Tested on: NiceGUI = 3.6.1 Python 3.8–3.12 on Linux/Windows CVE:...

📄 Python-Multipart 0.0.22 Path Traversal

Python-Multipart version 0.0.22 suffers from a path traversal vulnerability. Exploit Title: Python-Multipart 0.0.22 - Path Traversal Date: 2026-02-23 Exploit Author: cardosource Vendor Homepage: https://github.com/Kludex/python-multipart Software Link: https://pypi.org/project/python-multipart/...

PT-2026-37296

Name of the Vulnerable Software and Affected Versions AVideo versions prior to 29.0 Description An issue exists in the 'objects/sendEmail.json.php' endpoint where the absence of the contactForm parameter allows unauthenticated users to send emails to arbitrary recipients. When this parameter is...