3 matches found
EUVD-2026-41516
Puppet resourceapi shipped in Puppet Core 8.x and Puppet Enterprise 2023.8.x and 2025.x does not preserve the sensitive flag on parameters defined via the resource-api, causing values such as passwords to be stored in cleartext in the agent's local transaction state cache. Affected versions of th...
CVE-2026-39981
AGiXT is a dynamic AI Agent Automation Platform. Prior to 1.9.2, the safejoin function in the essentialabilities extension fails to validate that resolved file paths remain within the designated agent workspace. An authenticated attacker can use directory traversal sequences to read, write, or...
WordPress Fluent Support Plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by Bao BlueRock in WordPress Plugin Fluent Support versions = 1.9.1...