355 matches found
PraisonAI AgentOS - Information Disclosure
PraisonAI's AgentOS FastAPI application server exposes an unauthenticated GET /api/agents endpoint that lists every registered agent's name, role and the opening of its instructions system prompt. No authentication is enforced on the route, allowing a remote attacker to enumerate agent...
CVE-2026-10513
The Webmention plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 5.8.0 via parser-derived 'avatar' and 'url' author metadata. This is due to insufficient input sanitization and output escaping on user-supplied MF2 author properties processed by the...
EUVD-2026-40371
OpenZiti through 2.0.0, fixed in commit 3027fdf, contains a privilege escalation vulnerability that allows authenticated non-admin identities with fine-grained enrollment management permissions to create enrollments for any identity, including the default administrator, because the ApplyCreate...
PYSEC-2026-478 PraisonAI's unauthenticated A2A official example can reach real LLM-driven `eval()` tool execution
Summary The first-party PraisonAI A2A server example combines three behaviors into a remotely exploitable Critical chain: 1. The example exposes an A2A server without configuring authtoken. 2. The same example binds the server to 0.0.0.0. 3. The example registers a calculateexpression tool...
CVE-2026-50136
Budibase is an open-source low-code platform. Prior to 3.39.3, the application server exposes an unauthenticated endpoint that generates S3 PutObject presigned URLs using credentials stored in a workspace datasource. The route is protected only by the recaptcha middleware and does not require...
CVE-2026-50136
Budibase is an open-source low-code platform. Prior to 3.39.3, the application server exposes an unauthenticated endpoint that generates S3 PutObject presigned URLs using credentials stored in a workspace datasource. The route is protected only by the recaptcha middleware and does not require...
CVE-2026-50136
Budibase prior to version 3.39.3 exposes an unauthenticated endpoint that generates S3 PutObject presigned URLs using credentials stored in a workspace datasource. The /api/attachments/:datasourceId/url route is protected only by recaptcha, allowing a caller with workspace and S3 datasource IDs t...
CVE-2026-43920 FOSSBilling: Unauthenticated update patcher endpoint allows remote maintenance execution
FOSSBilling is a free, open-source billing and client management system. In versions 0.5.4 through 0.7.2, the /run-patcher maintenance endpoint in FOSSBilling was accessible without authentication, which allowed unauthenticated remote users to trigger update patch routines that modify configurati...
Arbitrary Argument Injection
Overview Jellyfin.Common is an a Free Software Media System that puts you in control of managing and streaming your media. Affected versions of this package are vulnerable to Arbitrary Argument Injection via the SubtitleEncoder.ConvertTextSubtitleToSrtInternal process. An attacker can achieve...
Budibase has an Account Impersonation Issue — Chat Identity Link Hijacking via Missing Consent & CSRF
Title Chat Identity Link Hijacking — Attacker Can Silently Map Their Slack/Discord Identity to Any Authenticated Budibase User's Account Severity High — CVSS 3.1: AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N = 7.3 Affected Product - Product: Budibase - Version: 3.37.2 introduced in this version - Componen...
PT-2026-51453
Name of the Vulnerable Software and Affected Versions Budibase versions prior to 3.39.3 Description The application server exposes an unauthenticated endpoint that generates S3 PutObject presigned URLs using credentials stored in a workspace datasource. The route is protected only by recaptcha...
PT-2026-51454
Name of the Vulnerable Software and Affected Versions Budibase versions prior to 3.39.0 Description An authentication bypass exists in the Budibase server route POST /api/attachments/:datasourceId/url because it lacks the authorized... middleware. An anonymous attacker who can enumerate a workspa...
CVE-2026-56282
Capgo before 12.128.2 contains an information disclosure vulnerability in the unauthenticated /replication endpoint that exposes internal PostgreSQL replication telemetry including slot names and WAL LSN positions. Attackers can access this endpoint without authentication to retrieve sensitive...
CVE-2026-56282 Capgo - Information Disclosure via Unauthenticated /replication Endpoint
Capgo before 12.128.2 contains an information disclosure vulnerability in the unauthenticated /replication endpoint that exposes internal PostgreSQL replication telemetry including slot names and WAL LSN positions. Attackers can access this endpoint without authentication to retrieve sensitive...
CVE-2026-49357
Line Desktop MCP is a project that, while unaffiliated with the official line-bot-mcp-server, allows users to directly operate the LINE Desktop application on Windows or Mac via MCP. line-desktop-mcp supports a --http-mode Streamable HTTP transport for use with clients such as n8n. In this mode t...
EUVD-2026-37960
PraisonAI before 1.5.128 contains a cross-origin agent execution vulnerability in the AGUI endpoint that allows remote attackers to trigger arbitrary agent execution. The POST /agui endpoint lacks authentication and hardcodes Access-Control-Allow-Origin: headers, combined with Starlette's...
PT-2026-50979
Name of the Vulnerable Software and Affected Versions Tilt versions 0.24.0 through 0.37.3 Description The Tilt HUD WebSocket endpoint /ws/view is susceptible to Cross-site WebSocket Hijacking CSWSH, a technique where an attacker tricks a victim's browser into establishing a WebSocket connection t...
Incorrect Authorization
Overview PraisonAI is a PraisonAI is an AI Agents Framework with Self Reflection. PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...
PT-2026-50705
Name of the Vulnerable Software and Affected Versions U.S. GAO Electronic Protest Docketing System EPDS affected versions not specified U.S. CBCA Electronic Docketing System EDS affected versions not specified Description The U.S. Government Accountability Office GAO Electronic Protest Docketing...
CVE-2026-48783
Postiz is an AI social media scheduling tool. Versions prior to 2.21.8 contained an unauthenticated endpoint that accepted a signed token and applied subscription-enforcement side effects to the organization referenced in that token's claims, without verifying the token's intended purpose. The...