Lucene search
K

8 matches found

Github Security Blog
Github Security Blog
added 2026/05/12 4:17 p.m.12 views

OpenClaude Sandbox Bypass via Model-Controlled `dangerouslyDisableSandbox` Input

Summary The dangerouslyDisableSandbox parameter is exposed as part of the BashTool input schema, meaning the LLM an untrusted principal per the project's own threat model can set it to true in any tooluse response. Combined with the default allowUnsandboxedCommands: true setting, a prompt-injecte...

9.8CVSS6.4AI score0.00544EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2026/05/12 4:17 p.m.6 views

GHSA-M77W-P5JJ-XMHG OpenClaude Sandbox Bypass via Model-Controlled `dangerouslyDisableSandbox` Input

Summary The dangerouslyDisableSandbox parameter is exposed as part of the BashTool input schema, meaning the LLM an untrusted principal per the project's own threat model can set it to true in any tooluse response. Combined with the default allowUnsandboxedCommands: true setting, a prompt-injecte...

9.8CVSS6.4AI score0.00544EPSS
Exploits1References5
VulnCheck KEV
VulnCheck KEV
added 2025/11/27 12:0 a.m.14 views

VulnCheck KEV: CVE-2025-8943

The Custom MCPs feature is designed to execute OS commands, for instance, using tools like npx to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks role-based access controls RBAC. Furthermore, in Flowise versions before 3.0.1 the...

9.8CVSS5.9AI score0.70866EPSS
In wildExploits3References140
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2025-24801

Malicious code in bioql PyPI...

9.8CVSS6.3AI score0.70866EPSS
Exploits3References3
OSV
OSV
added 2025/09/15 8:30 p.m.2 views

GHSA-6933-JPX5-Q87Q Flowise has unsandboxed remote code execution via Custom MCP

Summary The Custom MCPs feature is designed to execute OS commands, for instance, using tools like npx to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks role-based access controls RBAC. Furthermore, the default installation of...

9.3CVSS7.8AI score
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/08/14 12:30 p.m.16 views

Flowise OS command remote code execution

The Custom MCPs feature is designed to execute OS commands, for instance, using tools like npx to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks role-based access controls RBAC. Furthermore, in Flowise versions before 3.0.1 the...

9.8CVSS7.6AI score0.70866EPSS
Exploits3References3Affected Software1
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.6 views

Flowise 安全漏洞

Flowise is a FlowiseAI open source tool for easily building LLM applications. A security vulnerability exists in versions prior to Flowise 3.0.1 that stems from the lack of authentication and role-based access control in the default installation, which could lead to the execution of un-sandboxed ...

9.8CVSS6.7AI score0.70866EPSS
Exploits3References2
OSV
OSV
added 2023/03/31 12:3 p.m.8 views

SUSE-SU-2023:1712-1 Security update for flatpak

This update for flatpak fixes the following issues: - CVE-2023-28101: Fixed misleading terminal output with metadata with ANSI control codes bsc1209410. - CVE-2023-28100: Fixed unsandboxed TIOCLINUX commands bsc1209411...

10CVSS7.2AI score0.00887EPSS
Exploits0References5
Rows per page
Query Builder