CVE-2025-71331 Flowise - Cross-Site Scripting in Chat Messages and Agent Workflows

Flowise before 3.0.8 contains a cross-site scripting XSS vulnerability caused by insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScript by sending an iframe payload e.g., in a chat box, or by having a custom agent function return an X...

EUVD-2025-210289

Flowise before 3.0.8 contains a cross-site scripting XSS vulnerability caused by insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScript by sending an iframe payload e.g., in a chat box, or by having a custom agent function return an X...

Unspecified Vulnerability in PraisonAI (CNVD-2026-18147)

PraisonAI is a low-code multi-intelligence body collaboration framework by the individual developer Mervin Praison. PraisonAI suffers from a security vulnerability that stems from the OAuthManager.validatetoken function returning True for any token not found in its internal storage, which can be...

PraisonAI 安全漏洞

PraisonAI is a low-code multi-intelligence body collaboration framework by the individual developer Mervin Praison. PraisonAI suffers from a security vulnerability that stems from the OAuthManager.validatetoken function returning True for any token not found in its internal storage, which can be...

Zabbix 安全漏洞

Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring and application monitoring. A security vulnerability exists in Zabbix versions 5.0.42, 6.0.30, 6.4.15, and 7.0.0rc2 that originates from the ability of a...

PT-2024-4315 · Palo Alto Networks · Palo Alto Networks Cortex Xdr Agent

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks Cortex XDR Agent affected versions not specified Description: The issue is related to a flaw in the source confirmation mechanism of the Palo Alto Networks Cortex XDR Agent, which can be exploited to impact the system's...

ASI Oracle Security Alert: Oracle Home Environment Variable Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Oracle Home Environment Variable Buffer Overflow For additional details, the official advisories from Oracle Corporation can be downloaded from: http://otn.oracle.com/deploy/security/pdf/dbsmpalert.pdf Summary: By setting a long ORACLEHOME value more...