151 matches found
CVE-2026-16204
Technical details for CVE-2026-16204 are not publicly provided in the supplied documents; no concrete affected versions, vulnerable components, or remediation details are available here. Monitor for updates.
CVE-2026-16204 zevorn rt-claw Telegram-to-AI Tool Execution Flow script.c tool_run_script_execute code injection
A security flaw has been discovered in zevorn rt-claw up to 0.2.0. This affects the function toolrunscriptexecute of the file claw/services/tools/script.c of the component Telegram-to-AI Tool Execution Flow. Performing a manipulation results in code injection. It is possible to initiate the attac...
PT-2026-61038
A security flaw has been discovered in zevorn rt-claw up to 0.2.0. This affects the function tool run script execute of the file claw/services/tools/script.c of the component Telegram-to-AI Tool Execution Flow. Performing a manipulation results in code injection. It is possible to initiate the...
CVE-2026-56074
PraisonAI before 1.5.128 caches tool approval decisions by tool name only, not by invocation arguments, allowing subsequent executecommand calls to bypass approval prompts. Attackers can exploit this by obtaining initial approval for a benign command, then silently exfiltrate API keys and...
CVE-2023-31316
Improperly preserved integrity of hardware configuration state during a power save/restore operation in the AMD Secure Processor ASP could allow an attacker with the ability to write outside the trusted memory range TMR to change the execution flow of the Video Core Next VCN firmware potentially...
CVE-2026-46059
A flaw was found in the Linux kernel's KVM Kernel-based Virtual Machine nSVM module. This vulnerability occurs when running nested virtual machines L2 guests with NRIPS Next Instruction Pointer Suppression disabled. After an L2 guest's initial run, the NextRIP value in vmcb02 may not be correctly...
CVE-2023-31316
Improperly preserved integrity of hardware configuration state during a power save/restore operation in the AMD Secure Processor ASP could allow an attacker with the ability to write outside the trusted memory range TMR to change the execution flow of the Video Core Next VCN firmware potentially...
PT-2026-27234
OpenClaw before 2026.2.22 contains an authorization bypass vulnerability in allowlist mode where allow-always persistence at wrapper-level enables approval-bypass execution of different payloads. Attackers can approve benign wrapped system.run commands to broaden trust boundaries and execute...
EUVD-2005-2828
Malware in sbrugna...
EUVD-2007-4641
Malware in sbrugna...
EUVD-2013-4634
Malware in sbrugna...
EUVD-2022-15432
Malicious code in bioql PyPI...
EUVD-2025-24813
Malicious code in bioql PyPI...
EUVD-2021-29046
Malicious code in bioql PyPI...
EUVD-2024-47866
Malicious code in bioql PyPI...
EUVD-2021-33191
Malicious code in bioql PyPI...
EUVD-2024-42800
Malicious code in bioql PyPI...
EUVD-2021-31329
Malicious code in bioql PyPI...
GHSA-XH92-RQRQ-227V Mastra Docs MCP Server `@mastra/mcp-docs-server` Leads to Information Exposure
The Mastra Docs MCP Server package @mastra/mcp-docs-server is a server designed to provide documentation context to AI agentic workflows, such as those used in AI-powered IDEs. Resources: Package URL: https://www.npmjs.com/package/@mastra/mcp-docs-server ----- Overview The @mastra/mcp-docs-server...
NVIDIA Megatron-LM Code Injection Vulnerability
NVIDIA Megatron-LM is a PyTorch-based distributed training framework from NVIDIA that specializes in training large Transformer language models. NVIDIA Megatron-LM suffers from a code injection vulnerability that originates in a tool component and can be exploited by an attacker to modify the...