7 matches found

CVE
added 2026/04/23 12:53 a.m. | 23 views

CVE-2026-41679

Summary of CVE-2026-41679 (Paperclip): Paperclip, a Node.js server with a React UI, is vulnerable to unauthenticated remote code execution via an Import Authorization bypass. Up to version 2026.416.0, an unauthenticated attacker can trigger full RCE on any network-accessible Paperclip instance r...

CVSS 10 | AI score 6.5 | EPSS 0.00571
Exploits: 2 | References: 1 | Affected Software: 2

Vulnrichment
added 2026/04/23 12:53 a.m. | 1 views

CVE-2026-41679 Paperclip Vulnerable to Unauthenticated Remote Code Execution via Import Authorization Bypass

Paperclip is a Node.js server and React UI that orchestrates a team of AI agents to run a business. Prior to version 2026.416.0, an unauthenticated attacker can achieve full remote code execution on any network-accessible Paperclip instance running in authenticated mode with default configuration...

CVSS 10 | AI score 6.5 | EPSS 0.00571
Exploits: 2 | References: 1

OSV
added 2026/04/16 10:45 p.m. | 1 views

GHSA-3PW3-V88X-XJ24 Paperclip: Arbitrary File Read via Agent-Controlled adapterConfig.instructionsFilePath

Summary: Paperclip contains an arbitrary file read vulnerability that allows an attacker with an Agent API key to read files from the Paperclip server host filesystem. The vulnerability occurs because agents are allowed to modify their own adapterConfig through the /agents/:id API endpoint. The...

CVSS 6.5 | AI score 6.1
Exploits: 0 | References: 2

Github Security Blog
added 2026/04/16 10:45 p.m. | 2 views

Paperclip: Arbitrary File Read via Agent-Controlled adapterConfig.instructionsFilePath

Summary: Paperclip contains an arbitrary file read vulnerability that allows an attacker with an Agent API key to read files from the Paperclip server host filesystem. The vulnerability occurs because agents are allowed to modify their own adapterConfig through the /agents/:id API endpoint. The...

AI score 6.1
Exploits: 0 | References: 2 | Affected Software: 1

Github Security Blog
added 2026/04/10 9:8 p.m. | 9 views

paperclip Vulnerable to Unauthenticated Remote Code Execution via Import Authorization Bypass

Summary: An unauthenticated attacker can achieve full remote code execution on any network-accessible Paperclip instance running in authenticated mode with default configuration. No user interaction, no credentials, just the target's address. The entire chain is six API calls. I verified every ste...

CVSS 10 | AI score 6.7 | EPSS 0.00571
Exploits: 2 | References: 3 | Affected Software: 2

OSV
added 2026/04/10 9:8 p.m. | 1 views

GHSA-68QG-G8MG-6PR7 paperclip Vulnerable to Unauthenticated Remote Code Execution via Import Authorization Bypass

Summary: An unauthenticated attacker can achieve full remote code execution on any network-accessible Paperclip instance running in authenticated mode with default configuration. No user interaction, no credentials, just the target's address. The entire chain is six API calls. I verified every ste...

CVSS 10 | AI score 6.7 | EPSS 0.00571
Exploits: 2 | References: 3

FreeBSD
added 2015/06/05 12:0 a.m. | 37 views

rubygem-paperclip -- validation bypass vulnerability

Jon Yurek reports: Thanks to MORI Shingo of DeNA Co., Ltd. for reporting this. There is an issue where if an HTML file is uploaded with a .html extension, but the content type is listed as being image/jpeg, this will bypass a validation checking for images. But it will also pass the spoof check,...

CVSS 4.3 | AI score 9.1 | EPSS 0.00481
Exploits: 1 | References: 3