GHSA-HWG5-X759-7WJG PraisonAI has Template Injection in Agent Tool Definitions

Summary Direct insertion of unescaped user input into template-rendering tools allows arbitrary code execution via specially crafted agent instructions. Details The createagentcentrictools function returns tools like acpcreatefile that process file content using template rendering. When user inpu...

PraisonAI has sandbox escape via exception frame traversal in `execute_code` (subprocess mode)

Summary executecode in praisonaiagents.tools.pythontools defaults to sandboxmode="sandbox", which runs user code in a subprocess wrapped with a restricted builtins dict and an AST-based blocklist. The AST blocklist embedded inside the subprocess wrapper blockedattrs, line 143 of pythontools.py...

CVE-2026-34837 Zammad is miissing authorization in AI assistance controller for context data used in text tools

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1, he REST endpoint POST /api/v1/aiassistance/texttools/:id contains an authorization failure. Context data e.g., a group or organization supplied to be used in the AI prompt were not checked if they are accessible f...

CVE-2026-34837 Zammad is miissing authorization in AI assistance controller for context data used in text tools

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1, he REST endpoint POST /api/v1/aiassistance/texttools/:id contains an authorization failure. Context data e.g., a group or organization supplied to be used in the AI prompt were not checked if they are accessible f...

CVE-2026-34837

Zammad (web-based open source helpdesk) has an authorization flaw in the REST endpoint POST /api/v1/ai_assistance/text_tools/:id prior to version 7.0.1. Context data (e.g., group/organization) used in AI prompts were not validated for the current user, allowing unauthorized data to be included in...

EUVD-2026-20566

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the REST endpoint POST /api/v1/aiassistance/texttools/:id was not checking if a user is privileged to use the text tool, resulting in being able to use it in all situations. This vulnerability is fixed i...

CVE-2026-34782 Zammad has improper access control in AI assistance controller for text tools

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the REST endpoint POST /api/v1/aiassistance/texttools/:id was not checking if a user is privileged to use the text tool, resulting in being able to use it in all situations. This vulnerability is fixed i...

CVE-2026-34782 Zammad has improper access control in AI assistance controller for text tools

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the REST endpoint POST /api/v1/aiassistance/texttools/:id was not checking if a user is privileged to use the text tool, resulting in being able to use it in all situations. This vulnerability is fixed i...

CVE-2026-34782

Zammad (web-based helpdesk) has an access-control flaw in the REST endpoint POST /api/v1/ai_assistance/text_tools/:id, allowing use of the text tool without proper privileges prior to versions 7.0.1 and 6.5.4. The issue enables exploitation in network contexts with low privileges and no user inte...

Men Are Buying Hacking Tools to Use Against Their Wives and Friends

In Telegram groups, men are sharing thousands of nonconsensual images of women and girls, buying spyware, and engaging in doxing and sexual abuse...

GHSA-7853-GQQM-VCWX openclaw-claude-bridge: sandbox is not effective - `--allowed-tools ""` does not restrict available tools

Affected openclaw-claude-bridge v1.1.0 Issue v1.1.0 spawns the Claude Code CLI subprocess with --allowed-tools "" and the release notes + README claim this "disables all CLI tools" for sandboxing. This claim is incorrect. Per the Claude Code CLI documentation, --allowed-tools alias --allowedTools...

openclaw-claude-bridge: sandbox is not effective - `--allowed-tools ""` does not restrict available tools

Affected openclaw-claude-bridge v1.1.0 Issue v1.1.0 spawns the Claude Code CLI subprocess with --allowed-tools "" and the release notes + README claim this "disables all CLI tools" for sandboxing. This claim is incorrect. Per the Claude Code CLI documentation, --allowed-tools alias --allowedTools...

PT-2026-31423

Name of the Vulnerable Software and Affected Versions Zammad versions prior to 7.0.1 and prior to 6.5.4 Description Zammad, a web-based open source helpdesk system, had an issue where the REST endpoint ''/api/v1/ai assistance/text tools/:id'' did not verify user privileges for using text tools...

PT-2026-31458

Name of the Vulnerable Software and Affected Versions PraisonAI versions prior to 4.5.115 Description A flaw exists in PraisonAI where user input from agent.start is directly passed into template-rendering tools like acp create file without proper escaping. This allows execution of template...

PT-2026-31279

Affected openclaw-claude-bridge v1.1.0 Issue v1.1.0 spawns the Claude Code CLI subprocess with --allowed-tools "" and the release notes + README claim this "disables all CLI tools" for sandboxing. This claim is incorrect. Per the Claude Code CLI documentation, --allowed-tools alias --allowedTools...

PT-2026-41279

Name of the Vulnerable Software and Affected Versions DAEMON Tools Lite versions 12.5.0.2421 through 12.5.0.2434 Description A supply chain attack compromised official installation packages distributed via the legitimate website daemon-tools.cc between April 8, 2026, and May 5, 2026. Attackers...

WordPress plugin Post Blocks & Tools 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

EUVD-2026-19746

OpenHarness prior to commit 166fcfe contains an improper access control vulnerability in built-in file tools due to inconsistent parameter handling in permission enforcement, allowing attackers who can influence agent tool execution to read arbitrary local files outside the intended repository...

com.ericsson.bss.cassandra.ecaudit:ecaudit_c5.0 (>=3.1.0 <=3.1.4), com.instaclustr:ic-sstable-tools-5.0.6 (=1.0.0) +3 more potentially affected by CVE-2026-32588 via org.apache.cassandra:cassandra-all (>=5.0.0 <=5.0.6)

org.apache.cassandra:cassandra-all MAVEN version =5.0.0, =3.1.0, =5.0.4.0, =5.0.4.0, =3.0.2, =3.0.4 Source cves: CVE-2026-32588 Source advisory: SNYK:JAVA-ORGAPACHECASSANDRA-15954234...

com.ericsson.bss.cassandra.ecaudit:ecaudit_c5.0 (>=3.1.0 <=3.1.4), com.instaclustr:ic-sstable-tools-5.0.6 (=1.0.0) +3 more potentially affected by CVE-2026-27314 via org.apache.cassandra:cassandra-all (>=5.0.0 <=5.0.6)

org.apache.cassandra:cassandra-all MAVEN version =5.0.0, =3.1.0, =5.0.4.0, =5.0.4.0, =3.0.2, =3.0.4 Source cves: CVE-2026-27314 Source advisory: SNYK:JAVA-ORGAPACHECASSANDRA-15954242...