2669 matches found
CVE-2026-56075
PraisonAI before 4.5.128 contains an arbitrary shell command execution vulnerability where the UI modules hardcode approvalmode to auto, overriding administrator configuration from PRAISONAPPROVALMODE environment variable. Authenticated attackers can instruct the LLM agent to execute arbitrary...
CVE-2026-56075 PraisonAI - Arbitrary Shell Command Execution via Hardcoded Approval Mode Override
PraisonAI before 4.5.128 contains an arbitrary shell command execution vulnerability where the UI modules hardcode approvalmode to auto, overriding administrator configuration from PRAISONAPPROVALMODE environment variable. Authenticated attackers can instruct the LLM agent to execute arbitrary...
Untrusted Search Path
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Untrusted Search Path via the PATH environment variable influencing the selection of the trash executable during maintenance tasks. An attacker can execute unintended local executables by...
CVE-2026-48980
pamusb provides hardware authentication for Linux using removable media. In versions prior to 0.9.2, getenv environment variables XRDPSESSION, DISPLAY and TMUX allow environment variable injection into local-check logic. These environment variables influence whether a current session is local or...
CVE-2026-48980 pam_usb: getenv() used in PAM context allows environment variable injection into local-check logic
pamusb provides hardware authentication for Linux using removable media. In versions prior to 0.9.2, getenv environment variables XRDPSESSION, DISPLAY and TMUX allow environment variable injection into local-check logic. These environment variables influence whether a current session is local or...
Improper Authentication
Overview PraisonAI is a PraisonAI is an AI Agents Framework with Self Reflection. PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...
PT-2026-50715
Name of the Vulnerable Software and Affected Versions Bitnami Cassandra container images versions 4.0.x prior to 4.0.20-photon-5-r7 Bitnami Cassandra container images versions 4.1.x prior to 4.1.11-photon-5-r7 Bitnami Cassandra container images versions 5.0.x prior to 5.0.8-photon-5-r4 /...
PT-2026-50823
Name of the Vulnerable Software and Affected Versions armeria-xds versions 1.38.0 through 1.39.0 Description DataSourceStream in the xDS module resolves filename and environment variable fields from SDS Secret resources without an allow-list or base-directory confinement. This allows a compromise...
PT-2026-50781
Name of the Vulnerable Software and Affected Versions pam usb versions prior to 0.9.2 Description This software provides hardware authentication for Linux using removable media. A flaw exists where the getenv function allows environment variable injection into local-check logic via the XRDP...
CVE-2026-55743
OpenHuman desktop agent (before 0.54.0, fixed in 0.56.0) contains two policy flaws in src/openhuman/security/policy.rs that bypass the shell allowlist, enabling remote code execution via indirect prompt injection. First, is_args_safe() blocks -exec and -ok while not blocking -execdir/-okdir (whic...
CVE-2026-53858
OpenClaw before 2026.5.2 contains an environment variable injection vulnerability where workspace .env STATEDIRECTORY could influence bundled runtime dependency roots. Attackers can manipulate the STATEDIRECTORY variable to load runtime dependencies from unintended local paths, potentially...
CVE-2026-53842
OpenClaw before 2026.5.2 contains an environment variable injection vulnerability allowing workspace .env files to influence Python runtime selection through CLOUDSDKPYTHON during Gmail setup gcloud execution. Attackers with repository access can manipulate the CLOUDSDKPYTHON variable to execute...
CVE-2026-53858
OpenClaw (pre-2026.5.2) is affected by CVE-2026-53858: an environment variable injection flaw where the workspace .env STATE_DIRECTORY can influence bundled runtime dependency roots. An attacker can manipulate STATE_DIRECTORY to load runtime dependencies from unintended local paths, potentially e...
CVE-2026-53858 OpenClaw < 2026.5.2 - Arbitrary Runtime Dependency Loading via STATE_DIRECTORY Environment Variable
OpenClaw before 2026.5.2 contains an environment variable injection vulnerability where workspace .env STATEDIRECTORY could influence bundled runtime dependency roots. Attackers can manipulate the STATEDIRECTORY variable to load runtime dependencies from unintended local paths, potentially...
CVE-2026-53842
OpenClaw prior to 2026.5.2 is affected by an environment variable injection in CLOUDSDK_PYTHON that can influence Python runtime selection during Gmail setup gcloud execution. Attackers with repository access can set CLOUDSDK_PYTHON to point to unintended local Python paths, potentially enabling ...
PT-2026-49775
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.2 Description An environment variable injection exists where the STATE DIRECTORY variable in a workspace .env file can influence bundled runtime dependency roots. This allows attackers to manipulate STATE...
Malicious code in surf-lending (npm)
Sibling of [email protected] campaign C2 path /surflending/. Sentinel-9.9.9 dep-confusion squat; preinstall node index.js || true exfils env secrets mnemonic/key/token/blockfrost to raw C2 2.25.140.71:8443/surflending/npm-confusion. c913 + c252. --- -= Per source details. Do not edit below this...
MAL-2026-5808 Malicious code in surf-lending (npm)
Sibling of [email protected] campaign C2 path /surflending/. Sentinel-9.9.9 dep-confusion squat; preinstall node index.js || true exfils env secrets mnemonic/key/token/blockfrost to raw C2 2.25.140.71:8443/surflending/npm-confusion. c913 + c252. --- -= Per source details. Do not edit below this...
CVE-2026-42890
Actual is an open-source personal finance application. In the macOS desktop application version 25.x built on Electron 39.2.7, the ELECTRONRUNASNODE fuse is not disabled, allowing an attacker who can place a file on disk or control command-line arguments to invoke the signed Actual.app binary wit...
Withdrawn Advisory: esbuild: Missing binary integrity verification in Deno module enables remote code execution via NPM_CONFIG_REGISTRY
Withdrawn Advisory This advisory has been withdrawn because the affected package was incorrectly identified and the actual affected package is not in a supported ecosystem. This link is maintained to preserve external references. Original Description Summary The esbuild Deno module lib/deno/mod.t...