41 matches found
Arbitrary Code Injection
Overview praisonaiagents is a Praison AI agents for completing complex tasks with Self Reflection Agents Affected versions of this package are vulnerable to Arbitrary Code Injection in the executecodedirect function when the AST-based filtering mechanism fails to block dangerous attribute access...
CVE-2026-40087 LangChain has incomplete f-string validation in prompt templates
LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.84 and 1.2.28, LangChain's f-string prompt-template validation was incomplete in two respects. First, some prompt template classes accepted f-string templates and formatted them without enforcing the same...
CVE-2026-40087
LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.84 and 1.2.28, LangChain's f-string prompt-template validation was incomplete in two respects. First, some prompt template classes accepted f-string templates and formatted them without enforcing the same...
CVE-2026-40087
LangChain CVE-2026-40087 affects the f-string prompt-template validation prior to versions 0.3.84 and 1.2.28. The vulnerability arises because DictPromptTemplate and ImagePromptTemplate could accept templates containing attribute access or indexing expressions and evaluate them during formatting,...
MiracleLinux 9 : thunderbird-128.10.0-1.el9_5.ML.1 (AXSA:2025-9936:10)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-9936:10 advisory. firefox: thunderbird: Privilege escalation in Firefox Updater CVE-2025-2817 firefox: thunderbird: Unsafe attribute access during XPath parsing...
MiracleLinux 7 : firefox-128.10.0-1.0.2.el7.AXS7 (AXSA:2025-9956:15)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-9956:15 advisory. firefox: thunderbird: Privilege escalation in Firefox Updater CVE-2025-2817 firefox: thunderbird: Unsafe attribute access during XPath parsing...
RLSA-2025:4443 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Privilege escalation in Firefox Updater CVE-2025-2817 firefox: thunderbird: Unsafe attribute access during XPath parsing CVE-2025-4087 firefox:...
RHEL 9 : firefox (RHSA-2025:7428)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7428 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
AlmaLinux 9 : thunderbird (ALSA-2025:4460)
The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:4460 advisory. firefox: thunderbird: Privilege escalation in Firefox Updater CVE-2025-2817 firefox: thunderbird: Unsafe attribute access during XPath parsing CVE-2025-40...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated this update ...
RHEL 8 : thunderbird (RHSA-2025:7689)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:7689 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Privilege escalation in Firefox Updater...
RHEL 8 : thunderbird (RHSA-2025:7690)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:7690 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Privilege escalation in Firefox Updater...
RHEL 9 : thunderbird (RHSA-2025:7694)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:7694 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Privilege escalation in Firefox Updater...
firefox: thunderbird: Unsafe attribute access during XPath parsing
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A vulnerability was identified in Firefox where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access an...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated this update as...
RHEL 8 : firefox (RHSA-2025:7547)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:7547 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
RHEL 8 : firefox (RHSA-2025:7543)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:7543 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
firefox: thunderbird: Unsafe attribute access during XPath parsing
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A vulnerability was identified in Firefox where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access an...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...