Alerts¶

High-signal incident notes, malware waves, CVE writeups, and active defensive references.

How to use alerts¶

• Start with the newest entries when you need current context.
• Use alerts to capture threat details that should remain linkable after the initial advisory window.
• Fold recurring lessons into Skills, Playbooks, or Best Practices when they become reusable guidance.

Recent highlights¶

• SiYuan reflected XSS via SVG namespace-prefix bypass
• @tinacms/graphql FilesystemBridge path validation bypass via symlinks or junctions
• Mattermost account takeover substring matching flaw and login rate-limit DoS
• Malware in plain-crypto-js and axios
• Citrix NetScaler out-of-bounds read vulnerability
• Fleet team maintainer can transfer hosts from any team via missing source team authorization
• Forge signature forgery in RSA-PKCS due to ASN.1 extra field
• jsrsasign DSA validation failure and zero-input DoS
• OpenClaw ACP approval prompt ANSI escape sequence injection
• OpenClaw Telegram DM-scoped inline button callbacks bypass DM pairing and mutate session state
• OpenClaw Synology Chat webhook pre-auth rate-limit bypass enables brute-force guessing of webhook token
• OpenClaw MS Teams feedback invocation bypasses sender allowlists and records unauthorized session feedback
• OpenClaw gateway plugin subagent fallback deleteSession uses synthetic operator.admin
• OpenClaw Feishu raw card send surface can mint legacy card callbacks that bypass DM pairing
• OpenClaw Feishu webhook reads and parses unauthenticated request bodies before signature validation
• OpenClaw SSRF via unguarded configured base URLs in multiple channel extensions
• TrueConf Client download of code without integrity check
• CISA KEV