k8sGPT has Prompt Injection through its k8sGPT-Operator

Summary In the auto-remediation pipeline, objecttoexecution.go was deserializing the AI-generated YAML directly into a Deployment object, but there was lack of validation from the original Deployment object. Details This issue was fixed after coordination with Alex Jones. PoC To minimize the...

CVE-2026-39890 PraisonAI Affected by Remote Code Execution via YAML Deserialization in Agent Definition Loading

PraisonAI is a multi-agent teams system. Prior to 4.5.115, the AgentService.loadAgentFromFile method uses the js-yaml library to parse YAML files without disabling dangerous tags such as !!js/function and !!js/undefined. This allows an attacker to craft a malicious YAML file that, when parsed,...

CVE-2026-39890

Prais onAI’s AgentService.loadAgentFromFile parses YAML with js-yaml without disabling dangerous tags (e.g., !!js/function, !!js/undefined), enabling attacker to upload a malicious agent definition and achieve remote code execution on the server. Affected software: PraisonAI (before 4.5.115). Roo...

GHSA-32VR-5GCF-3PW2 PraisonAI Vulnerable to Remote Code Execution via YAML Deserialization in Agent Definition Loading

Summary The AgentService.loadAgentFromFile method uses the js-yaml library to parse YAML files without disabling dangerous tags such as !!js/function and !!js/undefined. This allows an attacker to craft a malicious YAML file that, when parsed, executes arbitrary JavaScript code. An attacker can...

EUVD-2026-20638

PraisonAI Vulnerable to Remote Code Execution via YAML Deserialization in Agent Definition Loading...

Deserialization of Untrusted Data

Overview praisonai is a PraisonAI TypeScript AI Agents Framework - Node.js, npm, and Javascript AI Agents Framework Affected versions of this package are vulnerable to Deserialization of Untrusted Data through the YAML deserialization in the loadAgentFromFile function. An attacker can execute...

Deserialization of Untrusted Data

Overview praisonaiagents is a Praison AI agents for completing complex tasks with Self Reflection Agents Affected versions of this package are vulnerable to Deserialization of Untrusted Data through the YAML deserialization in the loadAgentFromFile function. An attacker can execute arbitrary code...

PraisonAI Vulnerable to Remote Code Execution via YAML Deserialization in Agent Definition Loading

Summary The AgentService.loadAgentFromFile method uses the js-yaml library to parse YAML files without disabling dangerous tags such as !!js/function and !!js/undefined. This allows an attacker to craft a malicious YAML file that, when parsed, executes arbitrary JavaScript code. An attacker can...

Deserialization of Untrusted Data

Overview PraisonAI is a PraisonAI is an AI Agents Framework with Self Reflection. PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...

Serialize JavaScript has CPU Exhaustion Denial of Service via crafted array-like objects

Impact What kind of vulnerability is it? It is a Denial of Service DoS vulnerability caused by CPU exhaustion. When serializing a specially crafted "array-like" object an object that inherits from Array.prototype but has a very large length property, the process enters an intensive loop that...

Allocation of Resources Without Limits or Throttling

Overview serialize-javascript is a package to serialize JavaScript to a superset of JSON that includes regular expressions and functions. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the serialize function when handling specially...

PT-2026-28596

Name of the Vulnerable Software and Affected Versions serialize-javascript versions prior to 7.0.5 Description This issue involves a Denial of Service DoS caused by CPU exhaustion. When serializing a specially crafted "array-like" object – an object inheriting from Array.prototype with a very lar...

CVE-2026-1691 bolo-solo SnakeYAML BackupService.java importMarkdownsSync deserialization

A vulnerability has been found in bolo-solo up to 2.6.4. This impacts the function importMarkdownsSync of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the component SnakeYAML. Such manipulation leads to deserialization. The attack may be launched remotely. The exploit has...

GHSA-VQXF-V2GG-X3HC docling-core vulnerable to Remote Code Execution via unsafe PyYAML usage

Impact A PyYAML-related Remote Code Execution RCE vulnerability, namely CVE-2020-14343, is exposed in docling-core =2.21.0, 2.48.4 and, specifically only if the application uses pyyaml 5.4 and invokes doclingcore.types.doc.DoclingDocument.loadfromyaml passing it untrusted YAML data. Patches The...

Docling Core code issues and vulnerabilities

Docling Core is an open-source Python library developed by the Docling Project. Versions of Docling Core from 2.21.0 to 2.48.4 had code vulnerabilities, which were caused by PyYAML deserialization issues. These vulnerabilities could lead to remote code execution...

MiracleLinux 7 : ruby-2.0.0.648-33.0.1.el7.AXS7 (AXSA:2018-2583:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-2583:01 advisory. It was discovered that the Net::FTP module did not properly process filenames in combination with certain operations. A remote attacker could exploi...

CVE-2024-39780

A YAML deserialization vulnerability was found in the Robot Operating System ROS 'dynparam', a command-line tool for getting, setting, and deleting parameters of a dynamically configurable node, affecting ROS distributions Noetic and earlier. The issue is caused by the use of the yaml.load functi...

Remote Code Execution (RCE)

feast is vulnerable to remote code execution RCE. The vulnerability is due to the use of yaml.load..., Loader=yaml.Loader to deserialize configuration YAML files before validation, which allows an attacker who can modify these files to instantiate arbitrary Python objects and execute OS commands ...

EUVD-2025-206133

A high-severity remote code execution vulnerability exists in feast-dev/feast version 0.53.0, specifically in the Kubernetes materializer job located at feast/sdk/python/feast/infra/computeengines/kubernetes/main.py. The vulnerability arises from the use of yaml.load..., Loader=yaml.Loader to...

CVE-2025-11157

A high-severity remote code execution vulnerability exists in feast-dev/feast version 0.53.0, specifically in the Kubernetes materializer job located at feast/sdk/python/feast/infra/computeengines/kubernetes/main.py. The vulnerability arises from the use of yaml.load..., Loader=yaml.Loader to...