CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

78 matches found

Mage AI - Insecure Default Authentication Setup

A vulnerability was found in Mage AI 0.9.75. It has been classified as problematic. This affects an unknown part. The manipulation leads to insecure default initialization of resource. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability i...

6.3CVSS4.8AI score0.01045EPSS

Exploits1References5

RedhatCVE•added 2026/06/08 2:59 p.m.•8 views

CVE-2026-11436

A vulnerability was detected in Mage AI up to 0.9.79. This impacts the function useMutation of the file mageai/frontend/components/Sessions/SignForm/index.tsx of the component Sign-in Flow. Performing a manipulation of the argument query.redirecturl results in cross site scripting. Remote...

5.3CVSS4AI score0.00263EPSS

Exploits0References1

NVD•added 2026/06/06 4:16 p.m.•11 views

CVE-2026-11436

5.3CVSS0.00263EPSS

Exploits0References5

Cvelist•added 2026/06/06 3:45 p.m.•37 views

CVE-2026-11436 Mage AI Sign-in Flow index.tsx useMutation cross site scripting

5.3CVSS0.00263EPSS

Exploits0References5

ATTACKERKB•added 2026/06/06 3:45 p.m.•6 views

CVE-2026-11436

5.3CVSS4AI score0.00263EPSS

Exploits0References5

Vulnrichment•added 2026/06/06 3:45 p.m.•6 views

CVE-2026-11436 Mage AI Sign-in Flow index.tsx useMutation cross site scripting

5.3CVSS4.1AI score0.00263EPSS

Exploits0References5

CVE•added 2026/06/06 3:45 p.m.•23 views

CVE-2026-11436

Mage AI up to version 0.9.79 is affected in the Sign-in Flow. The vulnerability is in the useMutation function within mage_ai/frontend/components/Sessions/SignForm/index.tsx, where manipulating the query.redirect_url argument triggers cross site scripting. Remote exploitation is possible, and the...

5.3CVSS4.1AI score0.00263EPSS

Exploits0References5

CNNVD•added 2026/06/06 12:0 a.m.•7 views

Mage AI 代码注入漏洞

Mage AI is an intelligent program developed by Mage OpenSource, used for building, running, and managing data pipelines. Versions of Mage AI 0.9.79 and earlier contained a code injection vulnerability. This vulnerability stemmed from the use of the query.redirecturl parameter in the useMutation...

5.3CVSS4.6AI score0.00263EPSS

Exploits0References6

Positive Technologies•added 2026/06/06 12:0 a.m.•15 views

PT-2026-47158

Name of the Vulnerable Software and Affected Versions Mage AI versions prior to 0.9.80 Description A cross-site scripting issue exists in the Sign-in Flow component within the useMutation function of the file mage ai/frontend/components/Sessions/SignForm/index.tsx. Manipulation of the...

5.3CVSS5.2AI score0.00263EPSS

Exploits0References8

RedhatCVE•added 2026/01/09 9:27 a.m.•5 views

CVE-2023-31143

mage-ai is an open-source data pipeline tool for transforming and integrating data. Those who use Mage starting in version 0.8.34 and prior to 0.8.72 with user authentication enabled may be affected by a vulnerability. The terminal could be accessed by users who are not signed in or do not have...

9.8CVSS6.9AI score0.00659EPSS

Exploits0References1