“ClawJacked” flaw let malicious sites hijack OpenClaw AI agents to steal data; patch released in version 2026.2.26. A high-severity vulnerability called ClawJacked in OpenClaw allowed malicious websites to brute-force and take control of local AI agent instances. Oasis Security discovered the flaw, which enabled silent data theft. OpenClaw addressed the issue with version 2026.2.26, released […]
A vulnerability labeled as critical has been found in MediaTek MT2718, MT6899, MT6991, MT8678 and MT8793. This issue affects some unknown processing of the component imgsys. The manipulation results in use after free.
This vulnerability is known as CVE-2026-20439. Attacking locally is a requirement. No exploit is available.
A patch should be applied to remediate this issue.
A vulnerability categorized as critical has been discovered in MediaTek MT2718, MT6899, MT6991, MT8678 and MT8793. This affects an unknown part of the component MAE. Executing a manipulation can lead to out-of-bounds write.
This vulnerability appears as CVE-2026-20441. The attack requires local access. There is no available exploit.
Applying a patch is advised to resolve this issue.
A vulnerability was found in MediaTek MT2718, MT6899, MT6991, MT8678 and MT8793. It has been rated as critical. Affected by this issue is some unknown functionality of the component MAE. Performing a manipulation results in improper validation of specified index, position, or offset in input.
This vulnerability is reported as CVE-2026-20440. The attack requires a local approach. No exploit exists.
It is recommended to apply a patch to fix this issue.
A vulnerability was found in MediaTek MT2718, MT6899, MT6991, MT8168, MT8169, MT8186, MT8188, MT8678, MT8695, MT8696 and MT8793. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component MAE. Such manipulation leads to time-of-check time-of-use.
This vulnerability is documented as CVE-2026-20438. The attack needs to be performed locally. There is not any exploit available.
It is best practice to apply a patch to resolve this issue.