Lucene search
K

9 matches found

Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.6 views

PT-2026-53922

Name of the Vulnerable Software and Affected Versions Vibe-Trading versions prior to 0.1.10 Description The application constructs the swarm run directory by joining a caller-supplied run identifier to the runs base directory without proper validation in the run dir function located in...

4.2CVSS6AI score0.00253EPSS
Exploits0References9
Snyk
Snyk
added 2026/06/18 1:52 p.m.7 views

Information Exposure

Overview PraisonAI is a PraisonAI is an AI Agents Framework with Self Reflection. PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...

8.7CVSS5.8AI score
Exploits0References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

Apache Airflow 安全漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. However, Apache Airflow has security vulnerabilities. The...

7.5CVSS5.4AI score0.00458EPSS
Exploits0References4
CVE
CVE
added 2026/05/12 12:0 a.m.18 views

CVE-2026-31241

The CVE-2026-31241 entry concerns the mem0 1.0.0 server, where the DELETE /memories endpoint fails to enforce authentication/authorization. This allows unauthenticated attackers to delete memory records by supplying arbitrary identifiers (e.g., user_id, run_id, agent_id) via query parameters, pot...

6.5CVSS6AI score0.00386EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2025/03/20 12:32 p.m.4 views

Cross-site Scripting (XSS)

Overview agentscope is an AgentScope: A Flexible yet Robust Multi-Agent Platform. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the dashboard.js view for inspecting detailed run information. An attacker can execute arbitrary JavaScript code in the context of the...

6.1CVSS5.4AI score0.00389EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/11/01 12:0 a.m.6 views

TONGDA Office Anywhere SQL注入漏洞

TONGDA Office Anywhere is a collaborative office OA system from China Tongda TONGDA. TONGDA Office Anywhere suffers from a SQL injection vulnerability, which originates from a SQL injection vulnerability in the RUNID parameter of the /general/approvecenter/query/list/inputform/deletedataattach.ph...

9.8CVSS7AI score0.00543EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/12/12 12:0 a.m.6 views

Mattermost Security Vulnerabilities

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a security vulnerability that stems from an inability to check whether a user is a guest when updating a private Playbook run, which can be exploited by an attacker to update a...

4.3CVSS6.7AI score0.00374EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/12/12 12:0 a.m.7 views

PT-2023-31401 · Unknown · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost affected versions not specified Description: The issue allows a guest user to update tasks of a private playbook run if they know the run ID, due to a lack of proper user checks. Recommendations: At the moment, there is no...

4.3CVSS4.3AI score0.00374EPSS
Exploits0References6
PyPA
PyPA
added 2022/11/14 10:15 a.m.7 views

PYSEC-2022-42982

A vulnerability in Example Dags of Apache Airflow allows an attacker with UI access who can trigger DAGs, to execute arbitrary commands via manually provided runid parameter. This issue affects Apache Airflow Apache Airflow versions prior to 2.4.0...

8.8CVSS7.6AI score0.85653EPSS
Exploits2References7Affected Software1
Rows per page
Query Builder