11213 matches found
CVE-2026-2285 CVE-2026-2285
CrewAI contains a arbitrary local file read vulnerability in the JSON loader tool that reads files without path validation, enabling access to files on the server...
CVE-2026-2285
CrewAI contains a arbitrary local file read vulnerability in the JSON loader tool that reads files without path validation, enabling access to files on the server...
CVE-2026-2285
CrewAI CVE-2026-2285 is an arbitrary local file read vulnerability in the JSON loader tool, caused by lack of path validation in the loader. Affected ecosystem details indicate affected crewai-tools transitive deps (crewai-tools >=0.13.2,
CVE-2026-2285 CVE-2026-2285
CrewAI contains a arbitrary local file read vulnerability in the JSON loader tool that reads files without path validation, enabling access to files on the server...
PT-2026-29158
Name of the Vulnerable Software and Affected Versions NocoBase versions prior to 2.0.28 Description NocoBase is an AI-powered no-code/low-code platform. Versions of NocoBase prior to 2.0.28 have a security flaw that allows an authenticated attacker to achieve Remote Code Execution RCE as root. Th...
CrewAI contains multiple vulnerabilities including SSRF, RCE and local file read
Overview Four vulnerabilities have been identified in CrewAI, including remote code execution RCE, arbitrary local file read, and server-side request forgery SSRF. CVE-2026-2275 is directly caused by the Code Interpreter Tool. The other three vulnerabilities result from improper default...
Remote Code Execution (RCE)
Indico is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper sanitization of LaTeX input allowing bypass via crafted syntax, which allows an attacker to read local files or execute arbitrary code on the server when LaTeX rendering is enabled...
CVE-2026-3098
The Smart Slider 3 plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.5.1.33 via the 'actionExportAll' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on th...
CVE-2026-33725
Metabase is an open source business intelligence and embedded analytics tool. In Metabase Enterprise prior to versions 1.54.22, 1.55.22, 1.56.22, 1.57.16, 1.58.10, and 1.59.4, authenticated admins on Metabase Enterprise Edition can achieve Remote Code Execution RCE and Arbitrary File Read via the...
GHSA-QH6H-P6C9-FF54 LangChain Core has Path Traversal vulnerabilites in legacy `load_prompt` functions
Summary Multiple functions in langchaincore.prompts.loading read files from paths embedded in deserialized config dicts without validating against directory traversal or absolute path injection. When an application passes user-influenced prompt configurations to loadprompt or loadpromptfromconfig...
GHSA-83XR-5XXR-MH92 Incus vulnerable to arbitrary file read and write through pongo templates
Summary Instance template files can be used to cause arbitrary read or writes as root on the host server. Details Incus allows for pongo2 templates within instances which can be used at various times in the instance lifecycle to template files inside of the instance. This particular implementatio...
Incus vulnerable to arbitrary file read and write through pongo templates
Summary Instance template files can be used to cause arbitrary read or writes as root on the host server. Details Incus allows for pongo2 templates within instances which can be used at various times in the instance lifecycle to template files inside of the instance. This particular implementatio...
EUVD-2026-16640
A path traversal vulnerability exists in the awesome-llm-apps project in commit e46690f99c3f08be80a9877fab52acacf7ab8251 2026-01-19 in the Beifong AI News and Podcast Agent backend in FastAPI backend, stream-audio endpoint, in file routers/podcastrouter.py, in function streamaudio. The stream-aud...
CVE-2026-29871
A path traversal vulnerability exists in the awesome-llm-apps project in commit e46690f99c3f08be80a9877fab52acacf7ab8251 2026-01-19 in the Beifong AI News and Podcast Agent backend in FastAPI backend, stream-audio endpoint, in file routers/podcastrouter.py, in function streamaudio. The stream-aud...
WordPress Smart Slider 3 plugin <= 3.5.1.33 - Authenticated (Subscriber+) Arbitrary File Read via actionExportAll vulnerability
Authenticated Subscriber+ Arbitrary File Read via actionExportAll vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin Smart Slider 3 versions = 3.5.1.33...
EUVD-2026-16531
The Smart Slider 3 plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.5.1.33 via the 'actionExportAll' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on th...
CVE-2026-3098
The Smart Slider 3 plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.5.1.33 via the 'actionExportAll' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on th...
CVE-2026-3098 Smart Slider 3 <= 3.5.1.33 - Authenticated (Subscriber+) Arbitrary File Read via actionExportAll
The Smart Slider 3 plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.5.1.33 via the 'actionExportAll' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on th...
CVE-2026-3098
The Smart Slider 3 plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.5.1.33 via the 'actionExportAll' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on th...
CVE-2026-3098
CVE-2026-3098 affects Smart Slider 3 for WordPress. Affected versions include all up to 3.5.1.33 and allow Arbitrary File Read via the actionExportAll function when accessed by authenticated users with Subscriber-level access or higher. Root cause stated as insufficient validation in actionExport...