Lucene search
K

10 matches found

Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.23 views

PT-2026-50805

Name of the Vulnerable Software and Affected Versions PraisonAI versions prior to 1.5.128 Description The software caches tool approval decisions based solely on the tool name rather than the invocation arguments. This allows subsequent calls to the execute command function to bypass approval...

6.8CVSS6AI score0.00116EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2026/02/05 1:22 a.m.6 views

CVE-2026-24887

Claude Code is an agentic coding tool. Prior to version 2.0.72, due to an error in command parsing, it was possible to bypass the Claude Code confirmation prompt to trigger execution of untrusted commands through the find command. Reliably exploiting this required the ability to add untrusted...

8.8CVSS5.6AI score0.00562EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/02/03 12:0 a.m.7 views

Claude Code 代码注入漏洞

Claude Code is an open-source terminal-native AI programming tool developed by Anthropic. Versions of Claude Code prior to 2.0.72 contained a code injection vulnerability. This vulnerability stemmed from command parsing errors, which could allow bypassing confirmation prompts and executing...

8.8CVSS5.9AI score0.00562EPSS
Exploits1References1
Veracode
Veracode
added 2025/09/08 6:19 a.m.4 views

Improper Input Validation

@anthropic-ai/claude-code is vulnerable to improper input validation. The vulnerability is due to an overly broad allowlist of safe commands, which allows an attacker to bypass confirmation prompts, read file contents, and exfiltrate them over the network without user confirmation...

7.5CVSS6.8AI score0.00431EPSS
Exploits0References2Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 3:26 a.m.4 views

SUSE CVE-2022-29909

Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...

7.5CVSS8.8AI score0.00848EPSS
Exploits0References9
CNNVD
CNNVD
added 2022/05/24 12:0 a.m.3 views

Mozilla Thunderbird 安全漏洞

Mozilla Thunderbird is the United States Mozilla Foundation's set of independent from the Mozilla Application Suite e-mail client software. The program supports IMAP and POP mail protocols as well as the HTML mail format. A security vulnerability exists in Mozilla Thunderbird. An attacker could u...

6.1AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2022/05/05 2:36 p.m.5 views

Mozilla: Bypassing permission prompt in nested browsing contexts

The Mozilla Foundation Security Advisory describes this flaw as: Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions...

8.8CVSS7.3AI score0.00848EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/05/03 12:0 a.m.2 views

Mozilla Firefox 权限许可和访问控制问题漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a Permission Granting and Access Control Issue vulnerability that stems from improper management of permissions in the application. An attacker could exploit the...

8.8CVSS8.2AI score0.00848EPSS
Exploits0References21
CNNVD
CNNVD
added 2022/02/08 12:0 a.m.4 views

Mozilla Firefox 权限许可和访问控制问题漏洞

Mozilla Firefox is an open source Web browser from the Mozilla Foundation in the U.S. A permission permission and access control issue vulnerability exists in Mozilla Firefox, which stems from the way Firefox handles extension updates. An attacker could use the vulnerability to trick victims into...

6.5CVSS7.5AI score0.00644EPSS
Exploits0References23
OSV
OSV
added 2018/01/23 12:0 a.m.4 views

UBUNTU-CVE-2018-5105

WebExtensions can bypass user prompts to first save and then open an arbitrarily downloaded file. This can result in an executable file running with local user privileges without explicit user consent. This vulnerability affects Firefox 58...

7.8CVSS7.2AI score0.00423EPSS
Exploits0References4
Rows per page
Query Builder