Lucene search
K

10 matches found

Positive Technologies
Positive Technologies
added 4 days ago6 views

PT-2026-57194

Name of the Vulnerable Software and Affected Versions praisonaiagents versions prior to 1.6.78 Description An unsafe dynamic module loading issue exists in the AgentFlow. resolve pydantic class function. When a workflow step utilizes a string output pydantic reference, the framework imports a...

8.5CVSS6.4AI score0.00129EPSS
Exploits0References4
OSV
OSV
added 2026/06/18 5:19 a.m.6 views

MAL-2026-6111 Malicious code in @rafaelsene01/agent-flow (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3855afe87d31e428546f226e1da9236cd0e4dc45a477afb9f6ba1c707a4b05ec The package's main and bin entry, dist/agent-flow.js, is shipped as a heavily obfuscated bundle produced by javascript-obfuscator declared as a...

6.2AI score
Exploits0References18
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 5:19 a.m.9 views

Malicious code in @rafaelsene01/agent-flow (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3855afe87d31e428546f226e1da9236cd0e4dc45a477afb9f6ba1c707a4b05ec The package's main and bin entry, dist/agent-flow.js, is shipped as a heavily obfuscated bundle produced by javascript-obfuscator declared as a...

6.2AI score
Exploits0References18
Packet Storm News
Packet Storm News
added 2026/04/22 12:0 a.m.11 views

Synthesizing Multi-Agent Harnesses for Vulnerability Discovery

LLM agents have begun to find real security vulnerabilities that human auditors and automated fuzzers missed for decades, in source-available targets where the analyst can build and instrument the code. In practice the work is split among several agents, wired together by a harness: the program...

8.8CVSS5.8AI score0.00395EPSS
Exploits0
EUVD
EUVD
added 2026/03/11 12:24 a.m.4 views

EUVD-2026-10930

Flowise affected by Server-Side Request Forgery SSRF in HTTP Node Leading to Internal Network Access...

8.8CVSS5.8AI score0.023EPSS
Exploits1References1
OSV
OSV
added 2026/03/10 9:43 p.m.5 views

CVE-2026-31829 Flowise affected by Server-Side Request Forgery (SSRF) in HTTP Node Leading to Internal Network Access

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.0.13, Flowise exposes an HTTP Node in AgentFlow and Chatflow that performs server-side HTTP requests using user-controlled URLs. By default, there are no restrictions on target hosts, including...

7.1CVSS5.8AI score0.023EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.8 views

PT-2026-26383

Summary A client authenticated with a shared gateway token could connect as role=node without device identity/pairing, then call node.event to trigger agent.request and voice.transcript flows. Affected Packages / Versions - Package: npm openclaw - Affected versions: = 2026.2.21-2 - Patched versio...

5.4CVSS6AI score0.00268EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2024/11/02 4:2 a.m.4 views

SUSE CVE-2024-8996

Unquoted Search Path or Element vulnerability in Grafana Agent Flow mode on Windows allows Privilege Escalation from Local User to SYSTEM This issue affects Agent Flow: before 0.43.2...

7.8CVSS7AI score0.00264EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/09/25 4:45 p.m.29 views

CVE-2024-8996 Grafana Agent Flow on Windows Unquoted service path

Unquoted Search Path or Element vulnerability in Grafana Agent Flow mode on Windows allows Privilege Escalation from Local User to SYSTEM This issue affects Agent Flow: before 0.43.2...

7.3CVSS0.00264EPSS
Exploits0References3
Grafana
Grafana
added 2024/09/25 12:0 a.m.12 views

Grafana Agent flow mode unquoted service path

On a windows machine, the Grafana Agent Flow mode service prior to version 0.43.1 is vulnerable to a privilege escalation from local user to SYSTEM due to an unquoted service path. It is recommended that you remove the Grafana Agent Flow installation and do a clean install. An update will not...

7.8CVSS5.7AI score0.00264EPSS
Exploits0
Rows per page
Query Builder