This briefing covers the 24-hour period from March 29-30, 2026, focusing primarily on newly disclosed vulnerabilities and active malware distribution campaigns. The period saw the disclosure of 30 high-severity and 7 critical-severity CVEs, with several affecting widely-deployed products including Ghidra reverse engineering software and multiple IoT/network devices. Multiple OpenClaw vulnerabilities present significant risks to organizations using this platform, with critical authentication bypass and privilege escalation flaws that could allow complete system compromise.
Concurrently, threat actors continued leveraging compromised infrastructure for malware distribution, with 50 malicious URLs identified distributing multiple malware families including ACRStealer, ClearFake, Mozi botnet variants, and Mirai. The ClearFake campaign demonstrates sophisticated social engineering through fake verification pages, while Mozi and Mirai continue targeting IoT devices across multiple architectures. The concentration of buffer overflow vulnerabilities in consumer network devices (Tenda, D-Link, Belkin, Xiongmai) indicates continued exploitation of legacy firmware weaknesses.
Organizations should prioritize patching critical OpenClaw vulnerabilities immediately if deployed, update Ghidra installations to version 12.0.3 or later, and implement network-level controls to block identified malicious infrastructure. IoT device administrators should audit for affected models and apply vendor patches where available, or implement network segmentation to limit exposure.
Seven critical-severity vulnerabilities identified in OpenClaw platform enabling authentication bypass, privilege escalation, and authorization circumvention
OpenClaw before 2026.3.13 allows bootstrap setup codes to be replayed during device pairing verification, enabling attackers to verify valid codes multiple times and escalate pending pairing scopes to operator.admin privileges
Weak authorization vulnerability in Zalouser allowlist mode matches mutable group display names instead of stable identifiers, allowing attackers to create identically-named groups to bypass channel authorization and route messages from unauthorized groups
matchesExecAllowlistPattern improperly normalizes patterns with lowercasing and glob matching, allowing attackers to exploit wildcard matching across path segments to execute unauthorized commands or access restricted paths
Feishu reaction events with omitted chat_type are misclassified as p2p conversations, allowing attackers to bypass groupAllowFrom and requireMention protections in group chats and gain unauthorized access
device.token.rotate allows callers with operator.pairing scope to mint tokens with broader scopes by failing to constrain newly minted scopes to caller's current scope set, enabling escalation to operator.admin privileges
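The allowlist pattern flaw summarized above (lowercasing plus glob matching that lets a wildcard span path segments) is easy to reproduce with a stock glob function. The following Python is an added illustration written for this briefing, not OpenClaw's code: the allowlist patterns and paths are constructed, and `naive_allowed` stands in for the weak check while `strict_allowed` shows a segment-aware, case-preserving alternative that normalizes `..` before matching.

```python
import fnmatch
import posixpath

# Constructed allowlist for illustration: only binaries directly under /usr/bin.
ALLOWLIST = ["/usr/bin/*"]


def naive_allowed(path: str, patterns) -> bool:
    """Weak check in the style described above: lowercases both sides and
    uses fnmatch, whose '*' also matches '/'. A path that traverses out of
    the allowed directory still matches the pattern."""
    return any(fnmatch.fnmatch(path.lower(), p.lower()) for p in patterns)


def segment_match(path: str, pattern: str) -> bool:
    """Match one path segment at a time so a wildcard never spans '/'.
    The path is normalized first so '..' cannot be hidden behind a segment
    that matched the pattern textually."""
    path_parts = posixpath.normpath(path).split("/")
    pat_parts = pattern.split("/")
    if len(path_parts) != len(pat_parts):
        return False
    # fnmatchcase keeps case significant on every platform.
    return all(fnmatch.fnmatchcase(seg, pat) for seg, pat in zip(path_parts, pat_parts))


def strict_allowed(path: str, patterns) -> bool:
    """Hardened check: absolute paths only, segment-wise, case-preserving."""
    if not path.startswith("/"):
        return False
    return any(segment_match(path, p) for p in patterns)


if __name__ == "__main__":
    traversal = "/usr/bin/../../tmp/evil"
    print("naive :", naive_allowed(traversal, ALLOWLIST))   # True
    print("strict:", strict_allowed(traversal, ALLOWLIST))  # False
```

The second failure mode, lowercasing, shows up when the allowlist names a mixed-case path on a case-sensitive filesystem: the naive check treats `/opt/tools/run` as equal to an allowlisted `/opt/Tools/run`, which is a different file.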
Multiple high-severity vulnerabilities affecting reverse engineering tools, IoT devices, and enterprise platforms enabling remote code execution
Ghidra versions prior to 12.0.3 improperly process annotation directives embedded in automatically extracted binary data, resulting in arbitrary command execution when an analyst interacts with the UI through the @execute annotation
Root OS command injection in Sofia on Xiongmai DVR/NVR devices (AHB7008T-MH-V2, NBD7024H-P) 4.03.R11 via shell metacharacters in HostName value through authenticated DVRIP protocol on TCP port 34567, exploiting unsafe system() calls
Authentication bypass in Feishu webhook mode when only verificationToken is configured without encryptKey, allowing unauthenticated network attackers to inject forged Feishu events and trigger downstream tool execution
Attackers can execute rewritten local code by modifying scripts between approval and execution when exact file binding cannot occur, achieving unintended code execution with legitimate approvals
system.run approvals fail to bind mutable file operands for script runners like tsx and jiti, allowing attackers to obtain approval for benign scripts, rewrite them on disk, and execute modified code under legitimate approval context
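The two approval items above describe a time-of-check/time-of-use gap: an approval names a script path, and the script's contents change before the runner reads it. As an added example (not OpenClaw's code), the Python below binds an approval to the runner name, the resolved path and a SHA-256 of the file contents, then re-reads the file once at execution time and refuses to proceed if the digest no longer matches. The runner names `tsx` and `jiti` are taken from the item above; the script contents are constructed.

```python
import hashlib
import os
import tempfile
from dataclasses import dataclass


def _digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


@dataclass(frozen=True)
class Approval:
    """What the approver actually agreed to: this runner, this file, this content."""
    runner: str
    script: str   # realpath at approval time
    digest: str   # sha256 of the bytes that were reviewed


def approve(runner: str, script: str) -> Approval:
    with open(script, "rb") as f:
        data = f.read()
    return Approval(runner, os.path.realpath(script), _digest(data))


def run_with_approval(approval: Approval, runner: str, script: str) -> str:
    """Returns a status string; 'executed' means the reviewed bytes were handed
    to the runner. The file is read exactly once, and the bytes that were
    verified are the bytes that would be executed, so there is no second
    read for an attacker to race."""
    if runner != approval.runner or os.path.realpath(script) != approval.script:
        return "denied: operand mismatch"
    with open(script, "rb") as f:
        data = f.read()
    if _digest(data) != approval.digest:
        return "denied: script changed since approval"
    # In a real runner, `data` (not the path) would be passed to tsx/jiti here.
    return "executed"


def demo() -> list:
    """Constructed scenario: approve a benign script, run it, rewrite it, run again."""
    with tempfile.TemporaryDirectory() as d:
        script = os.path.join(d, "task.ts")
        with open(script, "w") as f:
            f.write("console.log('benign')\n")
        ap = approve("tsx", script)
        first = run_with_approval(ap, "tsx", script)
        with open(script, "w") as f:
            f.write("console.log('rewritten after approval')\n")
        second = run_with_approval(ap, "tsx", script)
        third = run_with_approval(ap, "jiti", script)
        return [first, second, third]


if __name__ == "__main__":
    print(demo())
```

Binding by path alone is what the items above describe as insufficient; binding by content digest is the property that an approval should carry. Where the runner itself re-opens the path (as most script runners do), the digest check narrows the window but does not close it, so passing the verified bytes via stdin or a private copy is the safer integration.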
Multiple stack-based buffer overflow vulnerabilities discovered in consumer network devices enabling remote code execution
Stack-based buffer overflow in Tenda FH1201 1.2.0.14(408) via manipulation of GO argument in formWrlExtraSet function of /goform/WrlExtraSet, exploitable remotely
Stack-based buffer overflow in Tenda FH1201 1.2.0.14(408) WrlclientSet function of /goform/WrlclientSet via manipulation of GO argument, remotely exploitable
Stack-based buffer overflow in Belkin F9K1122 1.00.33 formSetSystemSettings function via webpage argument manipulation, allowing remote exploitation
Stack-based buffer overflow in D-Link DIR-513 1.10 formSetEmail function via curTime argument manipulation in /goform/formSetEmail, remotely exploitable
Stack-based buffer overflow in Tenda F453 1.0.0.3 fromPPTPUserSetting function via delno argument manipulation in /goform/PPTPUserSetting of httpd component
Coordinated campaign distributing ACRStealer and ClearFake malware through fake verification pages hosted on compromised infrastructure
29 malicious URLs identified hosting fake Google verification pages across multiple domains (topographictrace.in.net, compressionlayer.in.net, velocityterminal.in.net, metropolitangrid.in.net, urbanflowmetric.in.net) distributing ACRStealer and ClearFake malware through social engineering tactics
14 active URLs distributing Mozi botnet payloads targeting MIPS and ARM architectures via compromised IoT devices, indicating continued IoT exploitation campaigns
14 URLs distributing Mirai botnet variants targeting multiple architectures (x86, ARM, MIPS, PowerPC, SPARC, SuperH, m68k, ARC) from IP 38.83.138.59, demonstrating broad IoT targeting capability
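The briefing recommends network-level controls against the infrastructure listed above. As an added example (not from the briefing's source feeds), the Python below takes the five fake-verification domains and the Mirai distribution IP named above as a blocklist and checks constructed proxy log lines against it, matching subdomains by suffix and IP literals exactly. The log format, client addresses and the one subdomain in the sample are constructed for the example.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Indicators taken from the briefing items above.
BLOCKED_DOMAINS = {
    "topographictrace.in.net",
    "compressionlayer.in.net",
    "velocityterminal.in.net",
    "metropolitangrid.in.net",
    "urbanflowmetric.in.net",
}
BLOCKED_IPS = {ipaddress.ip_address("38.83.138.59")}


def host_matches(host: str) -> bool:
    """True if the host is a blocked IP or a blocked domain / subdomain of one."""
    host = host.lower().rstrip(".")
    try:
        return ipaddress.ip_address(host) in BLOCKED_IPS
    except ValueError:
        pass  # not an IP literal, fall through to domain matching
    return any(host == d or host.endswith("." + d) for d in BLOCKED_DOMAINS)


# Constructed log format: timestamp client method url status
LOG_RE = re.compile(r"^(?P<ts>\S+) (?P<src>\S+) (?P<method>\S+) (?P<url>\S+) (?P<status>\d+)$")


def scan(lines) -> list:
    """Return (client, host) pairs for every request to blocked infrastructure."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # ignore malformed lines rather than crash the scan
        host = urlsplit(m["url"]).hostname
        if host and host_matches(host):
            hits.append((m["src"], host))
    return hits


# Constructed sample log lines (internal client addresses are invented).
SAMPLE_LOG = [
    "2026-03-30T08:01:02Z 10.0.0.15 GET https://example.com/ 200",
    "2026-03-30T08:01:09Z 10.0.0.15 GET https://topographictrace.in.net/ 200",
    "2026-03-30T08:02:11Z 10.0.0.22 GET http://38.83.138.59/ 200",
    "2026-03-30T08:02:40Z 10.0.0.31 GET https://cdn.velocityterminal.in.net/ 200",
    "2026-03-30T08:03:00Z 10.0.0.31 GET https://notvelocityterminal.in.net/ 200",
    "garbage line that does not parse",
]

if __name__ == "__main__":
    for src, host in scan(SAMPLE_LOG):
        print(f"blocked-infrastructure contact: {src} -> {host}")
```

The suffix check uses `"." + d` so that a look-alike such as `notvelocityterminal.in.net` does not match; a bare `endswith(d)` would produce that false positive.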
Multiple SQL injection vulnerabilities discovered in code-projects Accounting System and Food Order System applications
SQL injection vulnerability in code-projects Accounting System 1.0 via en_id parameter in /view_work.php, remotely exploitable
SQL injection vulnerability in code-projects Accounting System 1.0 via cos_id parameter in /edit_costumer.php, allowing remote exploitation
SQL injection vulnerability in code-projects Accounting System 1.0 via cos_id parameter in /view_costumer.php
SQL injection vulnerability in code-projects Simple Food Order System 1.0 via Status parameter in all-orders.php
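The four items above are all the same flaw class: a request parameter concatenated into a SQL statement. As an added example (not the code-projects applications' code, and using an in-memory SQLite table constructed for the purpose), the Python below shows a `cos_id` lookup written the vulnerable way beside a parameterized version, and demonstrates that the classic `' OR '1'='1` input returns every row from the first and nothing from the second.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed customer table standing in for the application's data."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (cos_id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany(
        "INSERT INTO customers VALUES (?, ?)",
        [(1, "Alice"), (2, "Bob"), (3, "Carol")],
    )
    return conn


def view_customer_vulnerable(conn: sqlite3.Connection, cos_id: str) -> list:
    """The flaw pattern from the items above: the parameter is spliced into SQL."""
    query = f"SELECT name FROM customers WHERE cos_id = '{cos_id}'"
    return [row[0] for row in conn.execute(query).fetchall()]


def view_customer_safe(conn: sqlite3.Connection, cos_id: str) -> list:
    """Hardened form: validate the type, then bind the value as a parameter
    so it can never be interpreted as SQL."""
    try:
        cid = int(cos_id)
    except ValueError:
        return []
    query = "SELECT name FROM customers WHERE cos_id = ?"
    return [row[0] for row in conn.execute(query, (cid,)).fetchall()]


if __name__ == "__main__":
    db = make_db()
    payload = "1' OR '1'='1"
    print("vulnerable:", view_customer_vulnerable(db, payload))  # all three names
    print("safe      :", view_customer_safe(db, payload))        # []
```

Parameter binding is the fix; the `int()` check is a second layer that also gives the handler a clean place to reject malformed input before it reaches the database.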
Additional high-severity vulnerabilities in OpenClaw platform affecting authorization controls and sandbox boundaries
Authorization bypass in gateway agent RPC allows authenticated operators with operator.write permission to override workspace boundaries by supplying attacker-controlled spawnedBy and workspaceDir values, enabling workspace escape
Session transcript JSONL files created with overly broad default permissions allow local users to read transcript contents including secrets from tool output
session_status tool allows sandboxed subagents to access parent or sibling session state by supplying arbitrary sessionKey values to read or modify session data outside sandbox scope
Leaf subagents can access the subagents control surface, and requests resolve against the parent requester's scope instead of the subagent's own session tree, allowing low-privilege sandboxed workers to steer or kill sibling runs
Insufficient access control in /config and /debug command handlers allows command-authorized non-owners to access owner-only surfaces and read or modify privileged configuration settings
Additional OpenClaw vulnerabilities affecting credential management and resource consumption
Long-lived shared gateway credentials embedded directly in pairing setup codes generated by /pair endpoint and OpenClaw qr command, allowing attackers with access to leaked setup codes to recover and reuse shared gateway credentials
OpenClaw reads and buffers Telegram webhook request bodies before validating the authentication header, allowing unauthenticated attackers to exhaust server resources through forced memory consumption and socket timeouts
Authorization bypass allows authenticated operators with only operator.write permission to access admin-only browser profile management routes through browser.request, enabling creation or modification of browser profiles with attacker-controlled settings
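Two of the OpenClaw items in this briefing share one root cause: a privilege decision that does not compare the caller's current scopes against what is being requested (the device.token.rotate escalation from operator.pairing to operator.admin, and the browser profile routes reachable with only operator.write). The Python below is an added illustration, not OpenClaw's code: the scope names `operator.pairing`, `operator.write` and `operator.admin` are taken from the briefing, while the route names and token identifiers are hypothetical.

```python
import itertools
from dataclasses import dataclass
from typing import FrozenSet, Iterable, Optional

# Hypothetical admin-only route names for the example.
ADMIN_ONLY_ROUTES = {"browser.profiles.create", "browser.profiles.update"}
_ids = itertools.count(1)


@dataclass(frozen=True)
class Token:
    token_id: str
    scopes: FrozenSet[str]


def rotate_token_vulnerable(caller: Token, requested: Iterable[str]) -> Token:
    """Mints whatever scopes were asked for: a pairing-scoped caller can
    request operator.admin and receive it. This is the flaw class described
    above, kept here only for comparison."""
    return Token(f"tok-{next(_ids)}", frozenset(requested))


def rotate_token(caller: Token, requested: Iterable[str]) -> Optional[Token]:
    """Hardened form: the new scope set must be a subset of the caller's
    current scopes. Rotation can narrow privileges but never widen them."""
    requested = frozenset(requested)
    if not requested <= caller.scopes:
        return None  # refuse rather than silently trim, so callers notice
    return Token(f"tok-{next(_ids)}", requested)


def authorize_route(caller: Token, route: str) -> bool:
    """Route-level check: admin-only routes need operator.admin explicitly;
    operator.write is not treated as implying it."""
    if route in ADMIN_ONLY_ROUTES:
        return "operator.admin" in caller.scopes
    return bool(caller.scopes & {"operator.write", "operator.admin"})


if __name__ == "__main__":
    pairing = Token("tok-pairing", frozenset({"operator.pairing"}))
    print(rotate_token_vulnerable(pairing, ["operator.admin"]).scopes)  # escalated
    print(rotate_token(pairing, ["operator.admin"]))                    # None
    writer = Token("tok-writer", frozenset({"operator.write"}))
    print(authorize_route(writer, "browser.profiles.create"))           # False
```

The subset test is the whole fix for the rotation case; for route authorization, the point is that each privileged surface names the scope it requires rather than relying on a coarse "is authenticated with write" gate.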