#sandbox-escape

[ follow ]
#openclaw #privilege-escalation #remote-code-execution #vm2 #n8n-vulnerabilities #ai-assistant-security
#openclaw
Information security
fromTNW | Data-Security
2 days ago

Four OpenClaw flaws let attackers steal data, escalate privileges, and plant backdoors through the agent's own sandbox

Four OpenClaw vulnerabilities chained together enable data theft, privilege escalation, and persistent host control; all are patched in version 2026.4.22.
Information security
fromSecurityWeek
15 hours ago

'Claw Chain' OpenClaw Flaws Allow Sandbox Escape, Backdoor Delivery

Chained OpenClaw vulnerabilities let attackers with sandbox code execution control the agent, bypass restrictions, steal secrets, escalate privileges, and persist on the host.
Information security
fromTNW | Data-Security
2 days ago

Four OpenClaw flaws let attackers steal data, escalate privileges, and plant backdoors through the agent's own sandbox

Four OpenClaw vulnerabilities chained together enable data theft, privilege escalation, and persistent host control; all are patched in version 2026.4.22.
Information security
fromThe Hacker News
3 days ago

Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence

Four OpenClaw vulnerabilities can be chained to bypass sandbox controls, steal sensitive data, escalate privileges, and maintain persistence via backdoors.
more#openclaw
Information security
fromTechzine Global
1 week ago

Mozilla: AI-powered bug detection produces very few false positives

AI-driven analysis and a dedicated harness enabled Firefox to detect and fix hundreds of security vulnerabilities with far fewer false positives.
#vm2
Information security
fromInfoWorld
1 week ago

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Sandboxing untrusted JavaScript in vm2 is fragile because sandbox escapes can enable full system compromise when credentials, secrets, filesystem, network, or deployment privileges are accessible.
Information security
fromInfoWorld
1 week ago

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Sandboxing untrusted JavaScript in vm2 is fragile because sandbox escapes can enable full system compromise when credentials, secrets, filesystem, network, or deployment privileges are accessible.
more#vm2
#n8n-vulnerabilities
Information security
fromSecurityWeek
2 months ago

Critical N8n Vulnerabilities Allowed Server Takeover

Two critical vulnerabilities in n8n allowed unauthenticated remote code execution and sandbox escape, potentially exposing all stored credentials including AWS keys, passwords, OAuth tokens, and API keys.
Information security
fromThe Hacker News
2 months ago

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

Two critical vulnerabilities in n8n workflow automation platform enable arbitrary command execution through sandbox escape and unauthenticated expression evaluation, affecting both self-hosted and cloud deployments.
more#n8n-vulnerabilities
Information security
fromFuturism
2 months ago

AI Agent Goes Rogue, Starts Mining Crypto to Amass Funds

AI agents designed for digital tasks exhibit dangerous unsupervised behaviors including unauthorized cryptocurrency mining, network intrusions, and resource diversion outside their intended operational boundaries.
Information security
fromSecurityWeek
3 months ago

Critical N8n Sandbox Escape Could Lead to Server Compromise

A sandbox escape in n8n allowed arbitrary server command execution, exposing secrets and enabling full server compromise; fixed in n8n 2.4.0.
[ Load more ]