7 matches found
EUVD-2026-45269
IBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow an attacker to write arbitrary files to unintended locations due to improper input validation in the APIRequest component. A path traversal vulnerability exists when the "Save to File" feature is enabled, where filenames extracted from HT...
CVE-2026-8859
Langflow OSS (versions 1.0.0–1.10.0) contains a path traversal vulnerability in the APIRequest component when the Save to File feature is enabled. Filenames parsed from HTTP Content-Disposition headers are not sanitized, allowing an attacker-controlled server to craft paths (e.g., ../) and writ...
CVE-2026-8859 Path Traversal in APIRequest Component via Content-Disposition Header
IBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow an attacker to write arbitrary files to unintended locations due to improper input validation in the APIRequest component. A path traversal vulnerability exists when the "Save to File" feature is enabled, where filenames extracted from HT...
Security Bulletin: Path Traversal Vulnerability in API Request Component Content-Disposition Header Processing
Summary A path traversal vulnerability existed in the API Request component's response handling logic. An authenticated attacker could craft a malicious server response with a specially crafted Content-Disposition header containing directory traversal sequences. When a victim configured an API...
Security Bulletin: Path Traversal in APIRequest Component via Content-Disposition Header
Summary A path traversal vulnerability existed in the APIRequest component when the "Save to File" feature was enabled. The component extracted filenames from server-controlled Content-Disposition headers without proper sanitization, allowing an attacker-controlled HTTP response to write files to...
CVE-2026-29870
A directory traversal vulnerability in the agentic-context-engine project versions up to 0.7.1 allows arbitrary file writes via the checkpointdir parameter in OfflineACE.run. The savetofile method in ace/skillbook.py fails to normalize or validate filesystem paths, allowing traversal sequences to...
Scscanner - Tool To Read Website Status Code Response From The Lists
scscanner is tool to read website status code response from the lists. This tool have ability to filter only spesific status code, and save the result to a file. Feature Slight dependency. This tool only need curl to be installed Multi-processing. Scanning will be more faster with multi-processin...