Lucene search
K

143 matches found

Cvelist
Cvelist
added 2 days ago18 views

CVE-2026-54760 Langroid: SQLChatAgent dangerous-function blocklist can be bypassed with quoted or schema-qualified pg_read_file calls

Langroid is a framework for building large-language-model-powered applications. Prior to version 0.65.1, the SQLChatAgent SQL-injection mitigation, with default allowdangerousoperations=False, combines a raw-text regex blocklist DANGEROUSSQLPATTERNS with a sqlglot SELECT-only statement allowlist...

9.3CVSS0.00646EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago18 views

CVE-2026-50180 Langroid: SQLChatAgent _validate_query blocklist misses pg_read_file family enabling arbitrary file read

Langroid is a framework for building large-language-model-powered applications. Prior to version 0.64.0, SQLChatAgent in langroid ships a validatequery defense-in-depth layer whose DANGEROUSSQLPATTERNS regex blocklist enumerates dangerous SQL primitives by specific function name. The list misses...

8.7CVSS0.00686EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2 days ago4 views

CVE-2026-59223

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, WEBFETCHFILTERLIST matching compared configured host entries against URL strings and non-label-boundary suffixes, allowing path-based blocklist bypasses such as !internal.example.com in a URL pa...

4.3CVSS6AI score0.00233EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-456 PickleScan's pkgutil.resolve_name has a universal blocklist bypass

Summary pkgutil.resolvename is a Python stdlib function that resolves any "module:attribute" string to the corresponding Python object at runtime. By using pkgutil.resolvename as the first REDUCE call in a pickle, an attacker can obtain a reference to ANY blocked function e.g., os.system,...

10CVSS5.8AI score0.00623EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/26 7:17 p.m.11 views

EUVD-2026-37512

pydantic-ai: SSRF blocklist bypass via IPv4-compatible, SIIT/IVI, and local NAT64 IPv6 addresses incomplete fix of CVE-2026-46678...

6.8CVSS5.8AI score0.00332EPSS
Exploits0References5
OSV
OSV
added 2026/06/22 10:16 p.m.5 views

PYSEC-2026-596

Crawl4AI before 0.8.7 contains a server-side request forgery vulnerability in the /crawl, /crawl/stream, /md, and /llm endpoints that fetch arbitrary user-supplied URLs without validation. Unauthenticated attackers can bypass the internal-address blocklist using IPv6-mapped IPv4 addresses to reac...

8.6CVSS5.9AI score0.00417EPSS
Exploits0References3
NVD
NVD
added 2026/06/22 10:16 p.m.15 views

CVE-2026-56266

Crawl4AI before 0.8.7 contains a server-side request forgery vulnerability in the /crawl, /crawl/stream, /md, and /llm endpoints that fetch arbitrary user-supplied URLs without validation. Unauthenticated attackers can bypass the internal-address blocklist using IPv6-mapped IPv4 addresses to reac...

9.2CVSS0.00276EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/22 9:4 p.m.22 views

CVE-2026-56266 Crawl4AI - Server-Side Request Forgery via Direct Crawl Endpoints

Crawl4AI before 0.8.7 contains a server-side request forgery vulnerability in the /crawl, /crawl/stream, /md, and /llm endpoints that fetch arbitrary user-supplied URLs without validation. Unauthenticated attackers can bypass the internal-address blocklist using IPv6-mapped IPv4 addresses to reac...

9.2CVSS0.00276EPSS
Exploits0References3
Snyk
Snyk
added 2026/06/19 7:36 p.m.7 views

Cross-site Scripting (XSS)

Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the file upload extension check in FilesRouter in src/FilesRouter and FilesController. An...

4.4CVSS5.8AI score0.00406EPSS
Exploits0References3
OSV
OSV
added 2026/06/19 7:35 p.m.4 views

GHSA-7WQV-XJF3-X35V parse-server: Stored XSS via trailing-dot filename bypassing file upload extension blocklist

Impact The default file upload extension blocklist can be bypassed by appending a trailing dot to a filename whose extension would otherwise be blocked e.g. poc.svg.. The trailing dot causes the extension parser to extract an empty string, which short-circuits the blocklist check, and the...

2.1CVSS5.8AI score0.00281EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.14 views

PT-2026-51112

Name of the Vulnerable Software and Affected Versions Parse Server affected versions not specified Description The default fileUpload.fileExtensions blocklist can be bypassed by uploading files with non-standard or compound extensions combined with a dangerous content type. This allows the upload...

2.1CVSS5.8AI score0.00406EPSS
Exploits0References11
OSV
OSV
added 2026/06/18 2:26 p.m.4 views

GHSA-P69M-4F92-2V84 PraisonAI: Remote Code Execution via Sandbox Escape in `codeMode` Tool

Summary The codeMode tool in src/praisonai-ts/src/tools/builtins/code-mode.ts uses new Function with a withsandbox pattern to execute LLM-generated code. The blocklist-based "sandbox" can be trivially bypassed via Function'return this' to recover the global object, followed by global.require with...

9.8CVSS6.5AI score
Exploits0References2
NVD
NVD
added 2026/06/17 5:17 p.m.15 views

CVE-2026-53872

picklescan before 0.0.35 contains an unsafe pickle deserialization vulnerability allowing unauthenticated attackers to read arbitrary server files by chaining io.FileIO and urllib.request.urlopen. Attackers can bypass RCE-focused blocklists to exfiltrate sensitive data like /etc/passwd to externa...

8.7CVSS0.00509EPSS
Exploits0References2
NVD
NVD
added 2026/06/17 5:16 p.m.14 views

CVE-2026-3490

picklescan before 1.0.4 fails to block pkgutil.resolvename, allowing attackers to bypass the entire blocklist by resolving any dangerous function through indirect REDUCE calls. Remote attackers can invoke any blocked function such as os.system, builtins.exec, or subprocess.call to achieve remote...

10CVSS0.00623EPSS
Exploits0References2
CVE
CVE
added 2026/06/17 3:5 p.m.15 views

CVE-2026-53873

The CVE-2026-53873 vulnerability affects picklescan prior to 1.0.4, where an incomplete blocklist for the profile module fails to block module-level profile.run(), enabling arbitrary code execution via exec() through crafted pickle files. Attackers can craft malicious pickles calling profile.run(...

9.8CVSS6.3AI score0.0046EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/17 3:5 p.m.18 views

CVE-2026-53873 picklescan - Arbitrary Code Execution via profile.run() Blocklist Bypass

picklescan before 1.0.4 contains an incomplete blocklist for the profile module that fails to block the module-level profile.run function, allowing attackers to achieve arbitrary code execution via exec. Attackers can craft malicious pickle files calling profile.runstatement to execute arbitrary...

9.8CVSS0.0046EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/17 3:5 p.m.22 views

CVE-2026-53872 picklescan - Arbitrary File Read via Unsafe Pickle Deserialization

picklescan before 0.0.35 contains an unsafe pickle deserialization vulnerability allowing unauthenticated attackers to read arbitrary server files by chaining io.FileIO and urllib.request.urlopen. Attackers can bypass RCE-focused blocklists to exfiltrate sensitive data like /etc/passwd to externa...

8.7CVSS0.00509EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/17 3:5 p.m.9 views

EUVD-2026-37738

picklescan before 0.0.35 contains an unsafe pickle deserialization vulnerability allowing unauthenticated attackers to read arbitrary server files by chaining io.FileIO and urllib.request.urlopen. Attackers can bypass RCE-focused blocklists to exfiltrate sensitive data like /etc/passwd to externa...

8.7CVSS5.6AI score0.00509EPSS
Exploits0References2
CVE
CVE
added 2026/06/17 3:5 p.m.11 views

CVE-2026-53872

The CVE-2026-53872 entry covers picklescan (pre-0.0.35) with an unsafe pickle deserialization flaw that allows unauthenticated attackers to read arbitrary server files by chaining io.FileIO and urllib.request.urlopen. This leads to potential exposure of sensitive data (e.g., /etc/passwd) despite ...

8.7CVSS5.6AI score0.00509EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/17 3:5 p.m.11 views

EUVD-2026-37737

picklescan before 1.0.4 fails to block pkgutil.resolvename, allowing attackers to bypass the entire blocklist by resolving any dangerous function through indirect REDUCE calls. Remote attackers can invoke any blocked function such as os.system, builtins.exec, or subprocess.call to achieve remote...

10CVSS5.8AI score0.00623EPSS
Exploits0References2
Rows per page
Query Builder