CVE-2026-5556

A security vulnerability has been detected in badlogic pi-mono up to 0.58.4. This vulnerability affects the function discoverAndLoadExtensions of the file packages/coding-agent/src/core/extensions/loader.ts. The manipulation leads to code injection. Remote exploitation of the attack is possible...

CVE-2026-5556

A security vulnerability has been detected in badlogic pi-mono up to 0.58.4. This vulnerability affects the function discoverAndLoadExtensions of the file packages/coding-agent/src/core/extensions/loader.ts. The manipulation leads to code injection. Remote exploitation of the attack is possible...

CVE-2026-5556

CVE-2026-5556 affects badlogic pi-mono up to 0.58.4. The vulnerability targets the function discoverAndLoadExtensions in packages/coding-agent/src/core/extensions/loader.ts , enabling code injection. Remote exploitation is possible; the exploit has been disclosed publicly and may be used. The ven...

CVE-2026-5556 badlogic pi-mono loader.ts discoverAndLoadExtensions code injection

A security vulnerability has been detected in badlogic pi-mono up to 0.58.4. This vulnerability affects the function discoverAndLoadExtensions of the file packages/coding-agent/src/core/extensions/loader.ts. The manipulation leads to code injection. Remote exploitation of the attack is possible...

PT-2026-30432

Name of the Vulnerable Software and Affected Versions provectus kafka-ui versions up to 0.7.2 Description A code injection issue exists in the validateAccess function within the Endpoint component, specifically in the file /api/smartfilters/testexecutions. This can be triggered remotely. The...

PT-2026-30455

A weakness has been identified in premAI-io premsql up to 0.2.1. Affected is the function eval of the file premsql/agents/baseline/workers/followup.py. This manipulation of the argument result causes code injection. The attack is possible to be carried out remotely. The exploit has been made...

Mono 代码注入漏洞

Mono is an open-source software platform used for creating .NET cross-platform applications. Version 0.58.4 of Mono contains a code injection vulnerability, which stems from the cross-site scripting found in the file packages/web-ui/src/tools/artifacts/SvgArtifact.ts...

Code-Projects Simple Laundry System 代码注入漏洞

Code-Projects Simple Laundry System is an open-source system developed by Code-Projects, designed for managing laundry shop operations. It offers features such as order management, customer management, and inventory management. Version 1.0 of Code-Projects Simple Laundry System contains a code...

Code-Projects Simple Laundry System 代码注入漏洞

Code-Projects Simple Laundry System is an open-source system developed by Code-Projects, designed for managing laundry shop operations. It offers features such as order management, customer management, and inventory management. Version 1.0 of the code-projects Simple Laundry System contains a cod...

kafka-ui 代码注入漏洞

kafka-ui is a web management interface for Kafka developed by Provectus. Versions of kafka-ui prior to 0.7.2 contained a code injection vulnerability. This vulnerability stemmed from the validateAccess function in the endpoint/api/smartfilters/testexecutions...

Akaunting 代码注入漏洞

Akaunting is an application software provided by Akaunting Corporation that offers all the tools needed for online fund management. Versions of Akaunting 3.1.21 and earlier had a code injection vulnerability, which was caused by incorrect handling of the parameter “notes” in the Invoice/Billing...

PremSQL 代码注入漏洞

PremSQL is an AI data analysis tool library for translating localized text into SQL, developed by Prem Open Source. Versions of PremSQL 0.2.1 and earlier contained a code injection vulnerability, which was caused by incorrect handling of the result parameter, potentially leading to code injection...

PT-2026-30426

A security vulnerability has been detected in badlogic pi-mono up to 0.58.4. This vulnerability affects the function discoverAndLoadExtensions of the file packages/coding-agent/src/core/extensions/loader.ts. The manipulation leads to code injection. Remote exploitation of the attack is possible...

AgenticSeek 代码注入漏洞

AgenticSeek is a localized AI assistant developed by Martin himself. Version 0.1.0 of AgenticSeek has a code injection vulnerability. This vulnerability stems from incorrect operations on the PyInterpreter.execute function in the sources/tools/PyInterpreter.py file, which may lead to code injecti...

PT-2026-30451

Name of the Vulnerable Software and Affected Versions Fosowl agenticSeek version 0.1.0 Description A code injection issue exists in the PyInterpreter.execute function within the sources/tools/PyInterpreter.py file of the query Endpoint component. This manipulation can be exploited remotely. The...

Code-Projects Simple Laundry System 代码注入漏洞

Code-Projects Simple Laundry System is an open-source system developed by Code-Projects, designed for managing laundry shop operations. It offers features such as order management, customer management, and inventory management. Version 1.0 of Code-Projects Simple Laundry System contains a code...

OSS Weekend 代码注入漏洞

OSS Weekend is an AI agent development and LLM deployment management tool developed by Mario Zechner as a personal project. Versions of OSS Weekend prior to 0.58.4 contained a code injection vulnerability. This vulnerability stemmed from the discoverAndLoadExtensions function in the...

WordPress plugin Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress 代码注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

Exploit for Code Injection in Apache Ranger

CVE-2025-59059: Misattributed RCE in Apache Ranger a correcti...

Casdoor 代码注入漏洞

Casdoor is an open-source platform developed by Casdoor, which supports various authentication and authorization protocols. Version 2.356.0 of Casdoor contains a code injection vulnerability. This vulnerability stems from improper handling of parameters such as formCss/formCssMobile/formSideHtml,...