23 matches found

RedhatCVE
added 2026/04/06 10:57 a.m. | 0 views

CVE-2026-34937

PraisonAI is a multi-agent teams system. Prior to version 1.5.90, runpython in praisonai constructs a shell command string by interpolating user-controlled code into python3 -c "" and passing it to subprocess.run(..., shell=True). The escaping logic only handles \ and ", leaving $ and backtick...

CVSS 9.8 | AI score 6.2 | EPSS 0.00032
Exploits: 1 | References: 1

NVD
added 2026/04/03 11:17 p.m. | 1 views

CVE-2026-34937

PraisonAI is a multi-agent teams system. Prior to version 1.5.90, runpython in praisonai constructs a shell command string by interpolating user-controlled code into python3 -c "" and passing it to subprocess.run(..., shell=True). The escaping logic only handles \ and ", leaving $ and backtick...

CVSS 9.8 | EPSS 0.00032
Exploits: 1 | References: 1

CNNVD
added 2026/04/03 12:0 a.m. | 2 views

PraisonAI Security Vulnerability

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 1.5.90 contained security vulnerabilities. These vulnerabilities stemmed from the runpython function, which constructs commands by inserting user-controlled code into shell...

CVSS 9.8 | AI score 6 | EPSS 0.00032
Exploits: 1 | References: 1

Snyk
added 2026/04/01 11:18 p.m. | 1 views

Command Injection

Overview: PraisonAI is an AI Agents Framework with Self Reflection. PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...

CVSS 9.8 | AI score 6.1 | EPSS 0.00032
Exploits: 1 | References: 2

RedhatCVE
added 2026/02/10 1:23 p.m. | 3 views

CVE-2026-25904

The Pydantic-AI MCP Run Python tool configures the Deno sandbox with an overly permissive configuration that allows the underlying Python code to access the localhost interface of the host to perform SSRF attacks. Note - the "mcp-run-python" project is archived and unlikely to receive a fix...

CVSS 5.8 | AI score 5.6 | EPSS 0.00013
Exploits: 0 | References: 1

Snyk
added 2026/02/09 2:57 p.m. | 4 views

Server-side Request Forgery (SSRF)

Overview: mcp-run-python is a Model Context Protocol server to run Python code in a sandbox. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) due to an overly permissive configuration of the Deno sandbox, which allows access to the localhost interface. An attack...

CVSS 5.8 | AI score 5.7 | EPSS 0.00013
Exploits: 0 | References: 2

vulnersOsv
added 2026/02/09 2:57 p.m. | 0 views

repository-manager (>=1.2.10 <=1.2.15) potentially affected by CVE-2026-25904 via mcp-run-python (=0.0.22)

mcp-run-python PYPI version =0.0.22 is affected by a known vulnerability. The following packages have a transitive dependency on mcp-run-python and may be impacted: repository-manager >=1.2.10, <=1.2.15. Source CVEs: CVE-2026-25904. Source advisory: SNYK:PYTHON-MCPRUNPYTHON-15250607...

CVSS 5.8 | AI score 5.8 | EPSS 0.00013
Exploits: 0

vulnersOsv
added 2026/02/09 9:54 a.m. | 0 views

repository-manager (>=1.2.10 <=1.2.15) potentially affected by CVE-2026-25905 via mcp-run-python (=0.0.22)

mcp-run-python PYPI version =0.0.22 is affected by a known vulnerability. The following packages have a transitive dependency on mcp-run-python and may be impacted: repository-manager >=1.2.10, <=1.2.15. Source CVEs: CVE-2026-25905. Source advisory: SNYK:PYTHON-MCPRUNPYTHON-15250553...

CVSS 5.8 | AI score 5.8 | EPSS 0.00013
Exploits: 0

Github Security Blog
added 2026/02/09 9:30 a.m. | 3 views

MCP Run Python Deno Sandbox Misconfiguration Allows SSRF Attacks via Localhost Access

Impact: Server-Side Request Forgery (SSRF). A security vulnerability exists in the mcp-run-python tool, specifically within the Pydantic-AI integration, due to an overly permissive Deno sandbox configuration. The tool configures the Deno runtime—which is intended to isolate the execution of untrusted...

CVSS 5.8 | AI score 6 | EPSS 0.00013
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2026/02/09 9:30 a.m. | 0 views

GHSA-6FGP-M6Q4-J3Q5 MCP Run Python Deno Sandbox Misconfiguration Allows SSRF Attacks via Localhost Access

Impact: Server-Side Request Forgery (SSRF). A security vulnerability exists in the mcp-run-python tool, specifically within the Pydantic-AI integration, due to an overly permissive Deno sandbox configuration. The tool configures the Deno runtime—which is intended to isolate the execution of untrusted...

CVSS 5.8 | AI score 6.2 | EPSS 0.00013
Exploits: 0 | References: 3

vulnersOsv
added 2026/02/09 9:30 a.m. | 2 views

repository-manager (>=1.2.10 <=1.2.15) potentially affected by CVE-2026-25904 via mcp-run-python (=0.0.22)

mcp-run-python PYPI version =0.0.22 is affected by a known vulnerability. The following packages have a transitive dependency on mcp-run-python and may be impacted: repository-manager >=1.2.10, <=1.2.15. Source CVEs: CVE-2026-25904. Source advisory: OSV:GHSA-6FGP-M6Q4-J3Q5...

CVSS 5.8 | AI score 5.8 | EPSS 0.00013
Exploits: 0

vulnersOsv
added 2026/02/09 9:30 a.m. | 1 views

repository-manager (>=1.2.10 <=1.2.15) potentially affected by CVE-2026-25905 via mcp-run-python (=0.0.22)

mcp-run-python PYPI version =0.0.22 is affected by a known vulnerability. The following packages have a transitive dependency on mcp-run-python and may be impacted: repository-manager >=1.2.10, <=1.2.15. Source CVEs: CVE-2026-25905. Source advisory: OSV:GHSA-PFV4-WMPH-5GC6...

CVSS 5.8 | AI score 5.8 | EPSS 0.00013
Exploits: 0

OSV
added 2026/02/09 9:30 a.m. | 2 views

GHSA-PFV4-WMPH-5GC6 MCP Run Python has a Sandbox Escape & Server Takeover Vulnerability

Impact: Critical Sandbox Escape & Server Takeover. A critical security vulnerability exists in mcp-run-python due to a lack of isolation between the Python runtime (Pyodide) and the host JavaScript environment. The runPython and runPythonAsync functions execute Python code using Pyodide without...

CVSS 5.8 | AI score 6.3 | EPSS 0.00013
Exploits: 0 | References: 3

NVD
added 2026/02/09 9:16 a.m. | 2 views

CVE-2026-25904

The Pydantic-AI MCP Run Python tool configures the Deno sandbox with an overly permissive configuration that allows the underlying Python code to access the localhost interface of the host to perform SSRF attacks. Note - the "mcp-run-python" project is archived and unlikely to receive a fix...

CVSS 5.8 | EPSS 0.00013
Exploits: 0 | References: 1

ATTACKERKB
added 2026/02/09 9:1 a.m. | 3 views

CVE-2026-25905

The Python code being run by 'runPython' or 'runPythonAsync' is not isolated from the rest of the JS code, allowing any Python code to use the Pyodide APIs to modify the JS environment. This may result in an attacker hijacking the MCP server - for malicious purposes including MCP tool shadowing...

CVSS 5.8 | AI score 5.6 | EPSS 0.00013
Exploits: 0 | References: 2

Vulnrichment
added 2026/02/09 9:1 a.m. | 4 views

CVE-2026-25905 Lack of isolation in mcp-run-python leads to MCP server takeover

The Python code being run by 'runPython' or 'runPythonAsync' is not isolated from the rest of the JS code, allowing any Python code to use the Pyodide APIs to modify the JS environment. This may result in an attacker hijacking the MCP server - for malicious purposes including MCP tool shadowing...

CVSS 5.8 | AI score 5.6 | EPSS 0.00013
Exploits: 0 | References: 1

Vulnrichment
added 2026/02/09 8:51 a.m. | 2 views

CVE-2026-25904 Overly permissive Deno configuration in mcp-run-python leads to SSRF

The Pydantic-AI MCP Run Python tool configures the Deno sandbox with an overly permissive configuration that allows the underlying Python code to access the localhost interface of the host to perform SSRF attacks. Note - the "mcp-run-python" project is archived and unlikely to receive a fix...

CVSS 5.8 | AI score 5.6 | EPSS 0.00013
Exploits: 0 | References: 1

ATTACKERKB
added 2026/02/09 8:51 a.m. | 4 views

CVE-2026-25904

The Pydantic-AI MCP Run Python tool configures the Deno sandbox with an overly permissive configuration that allows the underlying Python code to access the localhost interface of the host to perform SSRF attacks. Note - the "mcp-run-python" project is archived and unlikely to receive a fix...

CVSS 5.8 | AI score 5.6 | EPSS 0.00013
Exploits: 0 | References: 2

Cvelist
added 2026/02/09 8:51 a.m. | 25 views

CVE-2026-25904 Overly permissive Deno configuration in mcp-run-python leads to SSRF

The Pydantic-AI MCP Run Python tool configures the Deno sandbox with an overly permissive configuration that allows the underlying Python code to access the localhost interface of the host to perform SSRF attacks. Note - the "mcp-run-python" project is archived and unlikely to receive a fix...

CVSS 5.8 | EPSS 0.00013
Exploits: 0 | References: 1

Packet Storm
added 2020/08/27 12:0 a.m. | 431 views

ASX To MP3 Converter 3.1.3.7.2010.11.05 Buffer Overflow

Exploit Title: ASX to MP3 converter 3.1.3.7.2010.11.05 - '.wax' Local Buffer Overflow DEP,ASLR Bypass PoC Software Link Download: https://github.com/x00x00x00x00/ASXtoMP3Converter3.1.3.7.2010.11.05/blob/master/ASXtoMP3Converter3.1.3.7.2010.11.05.exe?raw=true Exploit Author: Paras Bhatia Discovery...

AI score 0.9
Exploits: 0