CVE-2026-48209 Reflected XSS in authenticated agent context

An improper neutralization of user-controllable input in OTRS or OTRS Community Edition ticket handling allows authenticated attackers to perform reflected cross-site scripting XSS attacks via crafted request parameters associated with ticket actions. By injecting malicious JavaScript into...

CVE-2026-48209

OTRS Community Edition 7.0.x is vulnerable to reflected XSS due to improper neutralization of user-controllable input in ticket handling. Attackers who are authenticated can exploit crafted request parameters in ticket actions to inject JavaScript via manipulated request URLs, executing code in t...

CVE-2026-43534 OpenClaw < 2026.4.10 - Unsanitized External Input in Agent Hook Events

OpenClaw before 2026.4.10 contains an input validation vulnerability that allows external hook metadata to be enqueued as trusted system events. Attackers can supply malicious hook names to escalate untrusted input into higher-trust agent context...

CVE-2026-43534 OpenClaw < 2026.4.10 - Unsanitized External Input in Agent Hook Events

OpenClaw before 2026.4.10 contains an input validation vulnerability that allows external hook metadata to be enqueued as trusted system events. Attackers can supply malicious hook names to escalate untrusted input into higher-trust agent context...

CVE-2026-41358

OpenClaw before 2026.4.2 fails to filter Slack thread context by sender allowlist, allowing non-allowlisted messages to enter agent context. Attackers can inject unauthorized thread messages through allowlisted user replies to bypass sender access controls and manipulate model context...

OpenClaw 访问控制错误漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.2 contained a access control vulnerability. This vulnerability stemmed from the failure to filter Slack thread contexts based on the sender’s permission list, allowing messages...

PraisonAI has Memory State Leakage and Path Traversal in MultiAgent Context Handling

Summary The MultiAgentLedger and MultiAgentMonitor components in the provided code exhibit vulnerabilities that can lead to context leakage and arbitrary file operations. Specifically: 1. Memory State Leakage via Agent ID Collision: The MultiAgentLedger uses a dictionary to store ledgers by agent...

Exploit for CVE-2026-25130

CVE-2026-25130 – Cybersecurity AI CAI Framework Argument Inj...

CVE-2025-69220

LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 does not enforce proper access control for file uploads to an agents file context and file search. An authenticated attacker with access to the agent ID can change the behavior of arbitrary agents by uploading new files to t...

EUVD-2025-206261

LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 does not enforce proper access control for file uploads to an agents file context and file search. An authenticated attacker with access to the agent ID can change the behavior of arbitrary agents by uploading new files to t...

CVE-2025-69220

LibreChat (version 0.8.1-rc2) is vulnerable to insufficient access control for file uploads in an agent’s file context and file search. An authenticated attacker who knows an agent ID can modify the behavior of arbitrary agents by uploading files, even without permissions for that agent. The issu...

PT-2026-1932

Name of the Vulnerable Software and Affected Versions LibreChat versions prior to 0.8.2-rc2 Description LibreChat, a ChatGPT clone, does not properly control access when uploading files to an agent's file context or during file searches in version 0.8.1-rc2. An authenticated attacker who knows an...