CVE-2026-41335

OpenClaw before 2026.3.31 contains an information disclosure vulnerability in the Control Interface bootstrap JSON that exposes version and assistant agent identifiers. Attackers can extract sensitive fingerprinting information from the Control UI bootstrap payload to identify system versions and...

PraisonAI Vulnerable to OS Command Injection

The executecommand function and workflow shell execution are exposed to user-controlled input via agent workflows, YAML definitions, and LLM-generated tool calls, allowing attackers to inject arbitrary shell commands through shell metacharacters. --- Description PraisonAI's workflow system and...

Spring AI Agentic Patterns (Part 4): Subagent Orchestration

Instead of one generalist agent doing everything, delegate to specialized agents. This keeps context windows focused—preventing the clutter that degrades performance. Task tool, part of the spring-ai-agent-utils toolkit, is a portable, model-agnostic Spring AI implementation inspired by Claude...

FreeBSD : jenkins -- multiple vulnerabilities (45276ea6-1653-4240-9986-ccfc6fec7ece)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 45276ea6-1653-4240-9986-ccfc6fec7ece advisory. Jenkins Security Advisory: Missing permission check allows retrieving agent configurations...

jenkins -- multiple vulnerabilities

Jenkins Security Advisory: Description Medium SECURITY-3512 / CVE-2025-31720 Missing permission check allows retrieving agent configurations Description Medium SECURITY-3513 / CVE-2025-31721 Missing permission check allows retrieving secrets from agent configurations...