Lucene search
+L

7 matches found

Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.16 views

PT-2026-45050

Name of the Vulnerable Software and Affected Versions PraisonAI affected versions not specified Description The first-party A2A server example in PraisonAI contains a critical chain that allows remote code execution. The example binds the server to 0.0.0.0 and exposes the /a2a endpoint without...

9.8CVSS6.7AI score0.00084EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/02/04 8:3 p.m.31 views

CVE-2026-25481 Langroid has WAF Bypass Leading to RCE in TableChatAgent

Langroid is a framework for building large-language-model-powered applications. Prior to version 0.59.32, there is a bypass to the fix for CVE-2025-46724. TableChatAgent can call pandaseval tool to evaluate the expression. There is a WAF in langroid/utils/pandasutils.py introduced to block code...

9.4CVSS0.00648EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/02/04 12:0 a.m.10 views

Langroid 代码注入漏洞

Langroid is an open-source tool developed using multi-agent programming for LLM tasks. Versions of Langroid prior to 0.59.32 had a code injection vulnerability. This vulnerability stemmed from a bypass in the TableChatAgent’s invocation of the pandaseval tool, which could allow arbitrary code to ...

9.6CVSS6.8AI score0.00648EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/01/06 5:13 p.m.4 views

expr-eval: expr-eval: Prototype Pollution

A prototype pollution flaw was found in expr-eval. An attacker with access to express eval interface can use JavaScript prototype-based inheritance model to achieve arbitrary code execution...

7.3CVSS7.3AI score0.00459EPSS
Exploits1References7
Packet Storm
Packet Storm
added 2025/01/12 12:0 a.m.142 views

CISA: Cybersecurity Evaluation Tool (CSET) Seminar Presentation

System About Files News Vote Help | Services API Advertise Contact | Account Join Login ---|---|---...

7.4AI score
Exploits0
CISA
CISA
added 2023/07/17 12:0 p.m.5 views

CISA Develops Factsheet for Free Tools for Cloud Environments

CISA has developed and published a factsheet, Free Tools for Cloud Environments, to help businesses transitioning into a cloud environment identify proper tools and techniques necessary for the protection of critical assets and data security. Free Tools for Cloud Environments provides network...

7.4AI score
Exploits0References7
The Hacker News
The Hacker News
added 2011/09/28 12:14 a.m.3 views

Department of Homeland Security Releases Cyber Security Evaluation Tool (CSET)

Department of Homeland Security Releases Cyber Security Evaluation Tool CSET The Cyber Security Evaluation Tool CSET is a Department of Homeland Security DHS product that assists organizations in protecting their key national cyber assets. It was developed under the direction of the DHS National...

7.1AI score
Exploits0
Rows per page
Query Builder