my photo

John Z Black

Brunswick, ME • (207) 245-1010 • contact@johnzblack.com

Blog / #patch-now

Patch Now: OpenClaw CVE-2026-41296 Is a Full Sandbox Escape

John Z Black Apr 21, 2026

Vulnerabilities & Patching #openclaw #cve-2026-41296 #sandbox-escape #toctou #patch-now

A TOCTOU race condition in OpenClaw's file handling allows a full sandbox escape. Version 2026.3.31 fixes it. If you're running an older version, stop reading and go patch.

Read More

The Lock Is Broken: Critical Auth Bypasses Hit Cisco, GitHub, and Palo Alto

John Z Black Apr 21, 2026

Vulnerabilities & Patching #cisco #github #palo-alto #auth-bypass #cisa #kev #patch-now #saml #sd-wan

Four critical authentication bypasses dropped this week across Cisco SD-WAN, GitHub Enterprise, Palo Alto PAN-OS, and Zabbix. This isn't a credential problem. The authentication systems themselves are failing.

Read More