GHSA-R6HF-G5X6-7PV9 Guardrails AI contains a code injection vulnerability in its Hub package installation mechanism

Guardrails AI thru 0.6.7 contains a code injection vulnerability CWE-94 in its Hub package installation mechanism. When installing validator packages via guardrails hub install, the system retrieves a manifest from the Guardrails Hub and dynamically executes a script specified in the postinstall...

Malicious code in roku-aihub (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 19b48d460fde1b6b9802a2f2b7d93928f89b0474235adc54553971ed4575e5df Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Security Bulletin: Multiple Vulnerabilities in IBM Engineering AI hub.

Summary Multiple vulnerabilities were addressed in IBM Engineering AI Hub version 1.1.0. Vulnerability Details CVEID:CVE-2025-58751 DESCRIPTION: Vite is a frontend tooling framework for JavaScript. Prior to versions 7.1.5, 7.0.7, 6.3.6, and 5.4.20, files starting with the same name with the publi...

EUVD-2025-11117

Malicious code in bioql PyPI...

CVE-2025-26927

Unrestricted Upload of File with Dangerous Type vulnerability in LiquidThemes AI Hub aihub allows Upload a Web Shell to a Web Server.This issue affects AI Hub: from n/a through = 1.3.7...

CVE-2025-26927

Unrestricted Upload of File with Dangerous Type vulnerability in LiquidThemes AI Hub aihub allows Upload a Web Shell to a Web Server.This issue affects AI Hub: from n/a through = 1.3.7...

CVE-2025-26927 WordPress AI Hub plugin <= 1.3.7 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in LiquidThemes AI Hub aihub allows Upload a Web Shell to a Web Server.This issue affects AI Hub: from n/a through = 1.3.7...

CVE-2025-26927 WordPress AI Hub plugin <= 1.3.7 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in LiquidThemes AI Hub aihub allows Upload a Web Shell to a Web Server.This issue affects AI Hub: from n/a through = 1.3.7...

CVE-2025-26927

CVE-2025-26927 : Unrestricted Upload of File with Dangerous Type in the AI Hub WordPress Theme (AI Hub:

WordPress plugin AI Hub 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...

WordPress AI Hub plugin <= 1.3.7 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by luc in WordPress Theme AI Hub versions = 1.3.7...

WordPress AI Hub Theme <= 1.3.3 is vulnerable to Arbitrary File Upload

Software AI Hub Type Theme Vulnerable versions = 1.3.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2025-26927 Patch priority High CVSS severity High 10 Developer EPC PSID 5de783124503 Credits luc Required privilege Unauthenticated Published 10 April, 2025...