EUVD-2025-6353

Malicious code in bioql PyPI...

Microsoft Azure Promptflow Python Library promptflow-tools < 1.6.0 RCE

The detected version of Microsoft Azure Promptflow python package, promptflow-tools, is prior to version 1.6.0. It is, therefore, affected by a remote code execution vulnerability. An unauthenticated, remote attacker can exploit this to bypass authentication and execute unauthorized arbitrary...

CVE-2025-24986

Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network...

The vulnerability of the Azure Promptflow application development tool, related to insufficient spatial partitioning, allows a hacker to execute arbitrary code.

The vulnerability of the Azure Promptflow application development tool is related to insufficient spatial separation. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

Vulnerabilities fixed in Microsoft Azure

Microsoft has fixed vulnerabilities in several Azure products. A malicious person could exploit the vulnerabilities to grant themselves elevated privileges or execute arbitrary code with the privileges of the vulnerable application. Azure PromptFlow:...

Azure PromptFlow remote code execution related to Jinja templates

Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network...

GHSA-GPRR-V9F2-PX3C Azure PromptFlow remote code execution related to Jinja templates

Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network...

CVE-2025-24986

Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network...

CVE-2025-24986

Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network...

CVE-2025-24986 Azure Promptflow Remote Code Execution Vulnerability

...

CVE-2025-24986

Azure PromptFlow components are affected by CVE-2025-24986: promptflow-core &lt; 1.17.2 and promptflow-tools

CVE-2025-24986 Azure Promptflow Remote Code Execution Vulnerability

...

Azure Promptflow Remote Code Execution Vulnerability

Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network...

Microsoft Azure 安全漏洞

Microsoft Azure is a suite of open, enterprise-grade cloud computing platforms from Microsoft USA. A security vulnerability exists in Microsoft Azure. An attacker exploiting this vulnerability could remotely execute code. The following products and versions are affected: Azure promptflow-core,Azu...