11200 matches found

IBM Security Bulletins
added 2026/04/10 8:00 p.m. · 9 views

Security Bulletin: IBM webMethods API Management fails to validate user input and enables unauthorized arbitrary file read (CVE-2026-2606)

Summary: IBM webMethods API Management on-prem fails to properly validate user-supplied input passed to the url parameter on the /createapi endpoint. An attacker can modify this parameter to use a file:// URI schema instead of the expected https:// schema, enabling unauthorized arbitrary file read...

CVSS 6.5 · AI score 5.7 · EPSS 0.00302
Exploits 0 · Affected software 1
OSV
added 2026/04/10 7:23 p.m. · 2 views

GHSA-GRRG-5CG9-58PF PraisonAIAgents: Arbitrary File Read via read_skill_file Missing Workspace Boundary and Approval Gate

Summary: read_skill_file in skill_tools.py allows reading arbitrary files from the filesystem by accepting an unrestricted skill_path parameter. Unlike file_tools.read_file which enforces workspace boundary confinement, and unlike run_skill_script which requires critical-level approval, read_skill_file has...

CVSS 6.2 · AI score 5.9 · EPSS 0.00234
Exploits 1 · References 3
Github Security Blog
added 2026/04/10 7:23 p.m. · 3 views

PraisonAIAgents: Arbitrary File Read via read_skill_file Missing Workspace Boundary and Approval Gate

Summary: read_skill_file in skill_tools.py allows reading arbitrary files from the filesystem by accepting an unrestricted skill_path parameter. Unlike file_tools.read_file which enforces workspace boundary confinement, and unlike run_skill_script which requires critical-level approval, read_skill_file has...

CVSS 7.5 · AI score 5.9 · EPSS 0.00234
Exploits 1 · References 3 · Affected software 1
NVD
added 2026/04/10 7:16 p.m. · 2 views

CVE-2026-33737

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, multiple files use simplexml_load_string without XXE protection. With the LIBXML_NOENT flag, arbitrary server files can be read. This vulnerability is fixed in 1.11.38 and 2.0.0-RC.3...

CVSS 6.5 · EPSS 0.0022
Exploits 0 · References 3
Rapid7 Blog
added 2026/04/10 7:11 p.m. · 7 views

Metasploit Wrap-Up 04/10/2026

Speedup Improvements of MSFVenom & New Modules: This week, we have added new modules to Metasploit Framework targeting Cisco Catalyst SD-WAN controllers and osTicket, as well as updates and improvements to Windows service-for-user persistence and LDAP/ADCS-related modules to automatically report...

CVSS 10 · AI score 7.6 · EPSS 0.73125
Exploits 12
NVD
added 2026/04/10 5:17 p.m. · 1 view

CVE-2026-40086

Rembg is a tool to remove images background. Prior to 2.0.75, a path traversal vulnerability in the rembg HTTP server allows unauthenticated remote attackers to read arbitrary files from the server's filesystem. By sending a crafted request with a malicious modelpath parameter, an attacker can...

CVSS 5.3 · EPSS 0.00592
Exploits 1 · References 3
Positive Technologies
added 2026/04/10 12:00 a.m. · 4 views

PT-2026-31984

Rembg is a tool to remove images background. Prior to 2.0.75, a path traversal vulnerability in the rembg HTTP server allows unauthenticated remote attackers to read arbitrary files from the server's filesystem. By sending a crafted request with a malicious model path parameter, an attacker can...

CVSS 5.3 · AI score 5.9 · EPSS 0.00592
Exploits 1 · References 4
Vulnrichment
added 2026/04/10 12:00 a.m. · 0 views

CVE-2026-23780

An issue was discovered in BMC Control-M/MFT 9.0.20 through 9.0.22. A SQL injection vulnerability in the MFT API's debug interface allows an authenticated attacker to inject malicious queries due to improper input validation and unsafe dynamic SQL handling. Successful exploitation can enable...

AI score 6.2 · EPSS 0.00401
Exploits 0 · References 2
Positive Technologies
added 2026/04/10 12:00 a.m. · 3 views

PT-2026-32026

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, multiple files use simplexml_load_string without XXE protection. With the LIBXML_NOENT flag, arbitrary server files can be read. This vulnerability is fixed in 1.11.38 and 2.0.0-RC.3...

CVSS 5.3 · AI score 5.9 · EPSS 0.0022
Exploits 0 · References 4
CVE
added 2026/04/10 12:00 a.m. · 6 views

CVE-2026-23780

Affected product: BMC Control-M/MFT 9.0.20–9.0.22. Vulnerability: SQL injection in the MFT API debug interface due to improper input validation and unsafe dynamic SQL handling. Impact: authenticated attacker can read/write arbitrary files and may achieve remote code execution; no exploit details ...

CVSS 8.8 · AI score 6.2 · EPSS 0.00401
Exploits 0 · References 2 · Affected software 1
Cvelist
added 2026/04/10 12:00 a.m. · 26 views

CVE-2026-23780

An issue was discovered in BMC Control-M/MFT 9.0.20 through 9.0.22. A SQL injection vulnerability in the MFT API's debug interface allows an authenticated attacker to inject malicious queries due to improper input validation and unsafe dynamic SQL handling. Successful exploitation can enable...

EPSS 0.00401
Exploits 0 · References 2
Positive Technologies
added 2026/04/10 12:00 a.m. · 1 view

PT-2026-31921

An issue was discovered in BMC Control-M/MFT 9.0.20 through 9.0.22. A SQL injection vulnerability in the MFT API's debug interface allows an authenticated attacker to inject malicious queries due to improper input validation and unsafe dynamic SQL handling. Successful exploitation can enable...

AI score 6.2 · EPSS 0.00401
Exploits 0 · References 3
CVE
added 2026/04/09 9:26 p.m. · 6 views

CVE-2026-40150

PraisonAIAgents' web_crawl() (praisonaiagents/tools/web_crawl_tools.py) before version 1.5.128 accepts arbitrary URLs with zero validation. There is no scheme allowlisting, hostname/IP blocklisting, or private-network checks prior to fetching, enabling potential SSRF and local file read via file...

CVSS 7.7 · AI score 6 · EPSS 0.00269
Exploits 1 · References 1 · Affected software 1
Cvelist
added 2026/04/09 9:21 p.m. · 15 views

CVE-2026-40117 PraisonAIAgents Affected by Arbitrary File Read via read_skill_file Missing Workspace Boundary and Approval Gate

PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, read_skill_file in skill_tools.py allows reading arbitrary files from the filesystem by accepting an unrestricted skill_path parameter. Unlike file_tools.read_file which enforces workspace boundary confinement, and unlike run_skill_script...

CVSS 6.2 · EPSS 0.00234
Exploits 1 · References 1
Vulnrichment
added 2026/04/09 9:21 p.m. · 0 views

CVE-2026-40117 PraisonAIAgents Affected by Arbitrary File Read via read_skill_file Missing Workspace Boundary and Approval Gate

PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, read_skill_file in skill_tools.py allows reading arbitrary files from the filesystem by accepting an unrestricted skill_path parameter. Unlike file_tools.read_file which enforces workspace boundary confinement, and unlike run_skill_script...

CVSS 6.2 · AI score 5.9 · EPSS 0.00234
Exploits 1 · References 1
CVE
added 2026/04/09 9:21 p.m. · 5 views

CVE-2026-40117

CVE-2026-40117 concerns PraisonAIAgents, a multi-agent system. Before version 1.5.128, read_skill_file() in skill_tools.py allowed reading arbitrary filesystem files by accepting an unrestricted skill_path, lacking both workspace confinement and an approval gate. This enables potential data exfil...

CVSS 7.5 · AI score 6 · EPSS 0.00234
Exploits 1 · References 1 · Affected software 1
OSV
added 2026/04/09 8:16 p.m. · 2 views

DEBIAN-CVE-2026-39977

flatpak-builder is a tool to build flatpaks from source. From 1.4.5 to before 1.4.8, the license-files manifest key takes an array of paths to user-defined licence files relative to the source directory of the module. The paths from that array are resolved using g_file_resolve_relative_path and...

CVSS 6.3 · AI score 5.5 · EPSS 0.00288
Exploits 1 · References 1
RedhatCVE
added 2026/04/09 7:23 p.m. · 2 views

CVE-2026-22682

OpenHarness prior to commit 166fcfe contains an improper access control vulnerability in built-in file tools due to inconsistent parameter handling in permission enforcement, allowing attackers who can influence agent tool execution to read arbitrary local files outside the intended repository...

CVSS 8.4 · AI score 6.2 · EPSS 0.00127
Exploits 0 · References 1
CVE
added 2026/04/09 7:05 p.m. · 13 views

CVE-2026-39977

The CVE concerns flatpak-builder (versions 1.4.5–1.4.7) where the license-files manifest key accepts an array of paths relative to the module source. Paths are validated using two checks, but the final path component and symlink handling can allow path traversal. The copy operation runs on the ho...

CVSS 7.1 · AI score 6 · EPSS 0.00288
Exploits 1 · References 1 · Affected software 1
Cvelist
added 2026/04/09 7:05 p.m. · 17 views

CVE-2026-39977 flatpak-builder has a path traversal leading to arbitrary file read on host when installing licence files

flatpak-builder is a tool to build flatpaks from source. From 1.4.5 to before 1.4.8, the license-files manifest key takes an array of paths to user-defined licence files relative to the source directory of the module. The paths from that array are resolved using g_file_resolve_relative_path and...

CVSS 7.1 · EPSS 0.00288
Exploits 1 · References 1