Lucene search
+L

7 matches found

osv
osv
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-461 PraisonAI Vulnerable to OS Command Injection

The executecommand function and workflow shell execution are exposed to user-controlled input via agent workflows, YAML definitions, and LLM-generated tool calls, allowing attackers to inject arbitrary shell commands through shell metacharacters. --- Description PraisonAI's workflow system and...

9.6CVSS6.2AI score0.00419EPSS
Exploits1References6
nvd
nvd
added 2026/04/23 10:16 p.m.17 views

CVE-2026-41335

OpenClaw before 2026.3.31 contains an information disclosure vulnerability in the Control Interface bootstrap JSON that exposes version and assistant agent identifiers. Attackers can extract sensitive fingerprinting information from the Control UI bootstrap payload to identify system versions and...

6.9CVSS0.00297EPSS
Exploits0References3
osv
osv
added 2026/04/23 9:57 p.m.3 views

CVE-2026-41335 OpenClaw < 2026.3.31 - Information Disclosure via Control UI Bootstrap JSON

OpenClaw before 2026.3.31 contains an information disclosure vulnerability in the Control Interface bootstrap JSON that exposes version and assistant agent identifiers. Attackers can extract sensitive fingerprinting information from the Control UI bootstrap payload to identify system versions and...

6.9CVSS5.9AI score0.00297EPSS
Exploits0References5
github
github
added 2026/04/08 9:52 p.m.11 views

PraisonAI Vulnerable to OS Command Injection

The executecommand function and workflow shell execution are exposed to user-controlled input via agent workflows, YAML definitions, and LLM-generated tool calls, allowing attackers to inject arbitrary shell commands through shell metacharacters. --- Description PraisonAI's workflow system and...

9.6CVSS6.3AI score0.00419EPSS
Exploits1References4Affected Software1
spring
spring
added 2026/01/27 12:0 a.m.10 views

Spring AI Agentic Patterns (Part 4): Subagent Orchestration

Instead of one generalist agent doing everything, delegate to specialized agents. This keeps context windows focused—preventing the clutter that degrades performance. Task tool, part of the spring-ai-agent-utils toolkit, is a portable, model-agnostic Spring AI implementation inspired by Claude...

6.1AI score
Exploits0
nessus
nessus
added 2025/04/11 12:0 a.m.10 views

FreeBSD : jenkins -- multiple vulnerabilities (45276ea6-1653-4240-9986-ccfc6fec7ece)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 45276ea6-1653-4240-9986-ccfc6fec7ece advisory. Jenkins Security Advisory: Missing permission check allows retrieving agent configurations...

4.3CVSS6.3AI score0.0039EPSS
Exploits0References4
freebsd
freebsd
added 2025/04/02 12:0 a.m.13 views

jenkins -- multiple vulnerabilities

Jenkins Security Advisory: Description Medium SECURITY-3512 / CVE-2025-31720 Missing permission check allows retrieving agent configurations Description Medium SECURITY-3513 / CVE-2025-31721 Missing permission check allows retrieving secrets from agent configurations...

4.3CVSS6.9AI score0.0039EPSS
Exploits0References1
Rows per page
Query Builder