CVE-2026-40351

FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password-based login endpoint uses TypeScript type assertion without runtime validation, allowing an unauthenticated attacker to pass a MongoDB query operator object e.g., "$ne": "" as the password field. This NoSQL...

PT-2026-37009

Name of the Vulnerable Software and Affected Versions OpenClaw version 2026.4.9 Description A denial of service issue exists in the voice-call realtime WebSocket path. The system accepts oversized frames without proper validation, allowing remote attackers to send these frames to cause service...

GHSA-3PW3-V88X-XJ24 Paperclip: Arbitrary File Read via Agent-Controlled adapterConfig.instructionsFilePath

Summary Paperclip contains an arbitrary file read vulnerability that allows an attacker with an Agent API key to read files from the Paperclip server host filesystem. The vulnerability occurs because agents are allowed to modify their own adapterConfig through the /agents/:id API endpoint. The...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the ConfigMap context loader due to missing validation of the namespace value. An attacker can access sensitive data from ConfigMaps in unauthorized namespaces by creating a policy that references another...

Kyverno: Cross-Namespace Read Bypasses RBAC Isolation (CVE-2026-22039 Incomplete Fix)

Summary CVE-2026-22039 fixed cross-namespace privilege escalation in Kyverno's apiCall context by validating the URLPath field. However, the ConfigMap context loader has the identical vulnerability — the configMap.namespace field accepts any namespace with zero validation, allowing a namespace...

CVE-2025-14868

The Career Section plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to Path Traversal and Arbitrary File Deletion in all versions up to, and including, 1.6. This is due to missing nonce validation and insufficient file path validation on the delete action in the...

pyLoad has a Session Cookie Security Downgrade via Untrusted X-Forwarded-Proto Header Spoofing (Global State Race Condition)

Summary The setsessioncookiesecure beforerequest handler in src/pyload/webui/app/init.py reads the X-Forwarded-Proto header from any HTTP request without validating that the request originates from a trusted proxy, then mutates the global Flask configuration SESSIONCOOKIESECURE on every request...

GHSA-MVVV-V22X-XQWP NocoBase has SSRF in Workflow HTTP Request and Custom Request Plugins

Summary NocoBase's workflow HTTP request plugin and custom request action plugin make server-side HTTP requests to user-provided URLs without any SSRF protection. An authenticated user can access internal network services, cloud metadata endpoints, and localhost. Vulnerable Code 1. Workflow HTTP...

CVE-2026-1852

The Product Pricing Table by WooBeWoo plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing or incorrect nonce validation on the updateLabel and remove functions. This makes it possible for unauthenticated attackers to...

CVE-2026-1852 Product Pricing Table by WooBeWoo <= 1.1.0 - Cross-Site Request Forgery to Stored XSS and Pricing Table Deletion

The Product Pricing Table by WooBeWoo plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing or incorrect nonce validation on the updateLabel and remove functions. This makes it possible for unauthenticated attackers to...

WordPress plugin Petje.af 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

Giskard has a Regular Expression Denial of Service (ReDoS) in RegexMatching Check

Summary The RegexMatching check in the giskard-checks package passes a user-supplied regular expression pattern directly to Python's re.search without any timeout, complexity guard, or pattern validation. An attacker who can control the regex pattern or the text being matched can craft inputs tha...

goshs has CSRF in state-changing GET routes enables authenticated file deletion and directory creation

Summary goshs contains a cross-site request forgery issue in its state-changing HTTP GET routes. An external attacker can cause an already authenticated browser to trigger destructive actions such as ?delete and ?mkdir because goshs relies on HTTP basic auth alone and performs no CSRF, Origin, or...

PraisonAI: SQLiteConversationStore didn't validate table_prefix when constructing SQL queries

Summary The tableprefix configuration value is directly used to construct SQL table identifiers without validation. If an attacker controls this value, they can manipulate SQL query structure, leading to unauthorized data access e.g., reading internal SQLite tables such as sqlitemaster and...

WordPress plugin Webling 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

CVE-2026-40148 PraisonAI Affected by Decompression Bomb DoS via Recipe Bundle Extraction Without Size Limits

PraisonAI is a multi-agent teams system. Prior to 4.5.128, the safeextractall function in PraisonAI's recipe registry validates archive members against path traversal attacks but performs no checks on individual member sizes, cumulative extracted size, or member count before calling tar.extractal...

CVE-2026-39961 Aiven Operator has cross-namespace secret exfiltration via ClickhouseUser connInfoSecretSource

Aiven Operator allows you to provision and manage Aiven Services from your Kubernetes cluster. From 0.31.0 to before 0.37.0, a developer with create permission on ClickhouseUser CRDs in their own namespace can exfiltrate secrets from any other namespace — production database credentials, API keys...

PraisonAI 代码问题漏洞

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 4.5.128 contained code vulnerabilities. These vulnerabilities stemmed from the/api/v1/runs endpoint allowing arbitrary webhook URLs without proper URL validation, which could le...

AGiXT Vulnerable to Path Traversal in safe_join()

Summary The safejoin function in the essentialabilities extension fails to validate that resolved file paths remain within the designated agent workspace. An authenticated attacker can use directory traversal sequences to read, write, or delete arbitrary files on the server hosting the AGiXT...

CVE-2026-0811

CVE-2026-0811 affects the Advanced Contact Form 7 DB WordPress plugin, vulnerable in all versions up to 2.0.9 due to missing/incorrect nonce validation in vsz_cf7_save_setting_callback, enabling CSRF-based deletion of form entries. Attack requires an administrator action (e.g., clicking a link) t...