Aggregator

A vulnerability described as critical has been identified in OpenClaw up to 2026.3.12. This affects an unknown part of the file src/infra/device-bootstrap.ts. The manipulation results in authentication bypass by capture-replay. This vulnerability is cataloged as CVE-2026-32987. The attack may be launched remotely. There is no exploit available. Upgrading the affected component is recommended.

A vulnerability marked as problematic has been reported in OpenClaw up to 2026.3.12. Affected by this issue is some unknown functionality of the component JSON Parser. The manipulation leads to allocation of resources. This vulnerability is listed as CVE-2026-32980. The attack may be initiated remotely. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability labeled as problematic has been found in OpenClaw up to 2026.3.10. Affected by this vulnerability is an unknown functionality. Executing a manipulation can lead to incorrect authorization. This vulnerability is tracked as CVE-2026-32978. The attack can be launched remotely. No exploit exists. The affected component should be upgraded.

A vulnerability identified as problematic has been detected in OpenClaw up to 2026.3.10. Affected is an unknown function. Performing a manipulation results in incorrect authorization. This vulnerability is identified as CVE-2026-32919. The attack is only possible with local access. There is not any exploit available. You should upgrade the affected component.

A vulnerability categorized as critical has been discovered in OpenClaw up to 2026.3.10. This impacts an unknown function. Such manipulation of the argument spawnedBy/workspaceDir leads to exposure of resource. This vulnerability is referenced as CVE-2026-33573. It is possible to launch the attack remotely. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability was found in OpenClaw up to 2026.3.10. It has been rated as critical. This affects an unknown function. This manipulation causes permissive regular expression. The identification of this vulnerability is CVE-2026-32973. It is possible to initiate the attack remotely. There is no exploit available. Upgrading the affected component is advised.

A vulnerability was found in OpenClaw up to 2026.3.10. It has been declared as problematic. The impacted element is an unknown function of the component CDP Endpoint. The manipulation results in incorrect authorization. This vulnerability was named CVE-2026-32972. The attack may be performed from remote. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability was found in OpenClaw up to 2026.3.11. It has been classified as critical. The affected element is an unknown function. The manipulation of the argument chat_type leads to incorrect authorization. This vulnerability is uniquely identified as CVE-2026-32924. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is recommended.

A vulnerability was found in OpenClaw up to 2026.3.10 and classified as critical. Impacted is an unknown function. Executing a manipulation can lead to incorrect authorization. This vulnerability is handled as CVE-2026-32923. The attack can be executed remotely. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability has been found in OpenClaw up to 2026.3.10 and classified as critical. This issue affects the function device.token.rotate. Performing a manipulation results in incorrect privilege assignment. This vulnerability is known as CVE-2026-32922. Remote exploitation of the attack is possible. No exploit is available. The affected component should be upgraded.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.18.18/6.19.8/7.0-rc3. This vulnerability affects the function set_notification_done. Such manipulation leads to deadlock. This vulnerability is traded as CVE-2026-23400. The attack may be launched remotely. There is no exploit available. You should upgrade the affected component.

听说你埋在安全运营里出不来了？

2026 年 3 月 27 日，美国白宫正式发布官方通稿，宣布上线全新的白宫官方移动应用。

番茄和胡萝卜是食物中类胡萝卜素的主要来源。类胡萝卜素有助于降低多种慢性疾病的风险，包括心血管疾病和癌症。类胡萝卜素的健康影响不仅取决于其在食物中的浓度，还取决于其生物可利用率（Bioaccessibility）——即这些物质在经过人体消化后到底有多少能真正被肠胃吸收。生物可利用率会根据烹饪方式不同而产生显著差异。热处理通过破坏细胞结构和促进微胶粒形成提高类胡萝卜素的生物可利用率，但过高的温度或过长的时间可能导致其降解和异构化。根据发表在《Food Chemistry》期刊上的一项研究，研究人员对比了空气炸锅、烤箱和微波炉烹饪番茄和胡萝卜的生物可利用率。结果显示：胡萝卜经烤箱烹饪后，其总类胡萝卜素的生物可利用率最高可达原来的 9 倍；对于西红柿，无论采用空气炸锅（190 ℃ 10 分钟）还是传统烤箱（180 ℃ 20 分钟）烹饪，均可获得最高的生物利用率；对胡萝卜来说，微波加热是效率最高的烹饪方式，可将电力消耗降低 96%；对于西红柿来说，使用空气炸锅不仅能获得最高的生物可利用率，还能减少 80% 的耗能。

Currently trending CVE - Hype Score: 1 - A missing authentication check in the HTTP server on TP-Link Archer NX200, NX210, NX500 and NX600 to certain cgi endpoints allows unauthenticated access intended for authenticated users. An attacker may perform privileged HTTP actions without authentication, including firmware ...

A vulnerability classified as problematic has been found in Apple iOS and iPadOS up to 26.2. This impacts an unknown function of the component App. Performing a manipulation results in information disclosure. This vulnerability is identified as CVE-2026-20686. The attack is only possible with local access. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Apple iOS, iPadOS and macOS up to 26.3. Affected is an unknown function of the component Hide IP Address Handler. Executing a manipulation can lead to information disclosure. This vulnerability is tracked as CVE-2026-20692. The attack can be launched remotely. No exploit exists. Upgrading the affected component is advised.

A vulnerability, which was classified as problematic, has been found in Apple macOS up to 14.8.4/15.7.4/26.3. Affected by this vulnerability is an unknown functionality of the component Protected System File Handler. The manipulation leads to state issue. This vulnerability is listed as CVE-2026-20693. The attack may be initiated remotely. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Apple iOS, iPadOS, macOS, tvOS, visionOS and watchOS up to 18.7.6/26.3. Affected by this issue is some unknown functionality of the component Media File Handler. The manipulation results in out-of-bounds read. This vulnerability is cataloged as CVE-2026-20690. The attack may be launched remotely. There is no exploit available. You should upgrade the affected component.

A vulnerability was found in Apple macOS up to 14.8.4/15.7.4/26.3 and classified as problematic. This vulnerability affects unknown code of the component Kernel Memory Handler. Such manipulation leads to information disclosure. This vulnerability is documented as CVE-2026-20695. The attack needs to be performed locally. There is not any exploit available. It is suggested to upgrade the affected component.