18196 matches found

Cvelist
added 2026/06/25 3:52 p.m., 29 views

CVE-2026-54027 LibreChat: Image Upload Route Bypasses Agent Permission Check — Incomplete Fix for File Upload Authorization

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the POST /api/files/images endpoint allows any authenticated user to upload files into any agent's tool_resources (e.g., context, execute_code) without verifying ownership or EDIT permission on the target...

6.5 CVSS, 0.00189 EPSS
Exploits 1, References 1
Positive Technologies
added 2026/06/25 12:00 a.m., 4 views

PT-2026-52492

Name of the Vulnerable Software and Affected Versions: LibreChat versions prior to 0.8.4-rc1. Description: An authenticated user can upload files into the tool resources (such as context or execute code) of any agent without the required ownership or EDIT permissions. This occurs because the 'POST...

6.5 CVSS, 5.8 AI score, 0.00189 EPSS
Exploits 1, References 4
Positive Technologies
added 2026/06/25 12:00 a.m., 7 views

PT-2026-52626

Name of the Vulnerable Software and Affected Versions: Cacti versions prior to 1.2.31. Description: An issue exists in the performance and fault management framework where improper handling of deserialized data leads to SQL Injection. In the 'managers.php' file, the application processes the selecte...

7.2 CVSS, 5.9 AI score, 0.00279 EPSS
Exploits 1, References 10
NVD
added 2026/06/24 8:16 p.m., 9 views

CVE-2026-55583

Twenty is an open-source CRM (customer relationship management) platform. Prior to 2.9.0, Twenty was vulnerable to a cross-workspace insecure direct object reference (IDOR) in the AI agent monitor's AgentTurnResolver, in packages/twenty-server/src/engine/metadata-modules/ai/ai-agent-monitor/reso...

7.6 CVSS, 0.00191 EPSS
Exploits 0, References 1
Cvelist
added 2026/06/24 7:21 p.m., 15 views

CVE-2026-55583 Twenty: Cross-workspace IDOR in AgentTurnResolver

Twenty is an open-source CRM (customer relationship management) platform. Prior to 2.9.0, Twenty was vulnerable to a cross-workspace insecure direct object reference (IDOR) in the AI agent monitor's AgentTurnResolver, in packages/twenty-server/src/engine/metadata-modules/ai/ai-agent-monitor/reso...

7.6 CVSS, 0.00191 EPSS
Exploits 0, References 1
CVE
added 2026/06/24 7:21 p.m., 9 views

CVE-2026-55583

Twenty, before version 2.9.0, is affected by a cross-workspace insecure direct object reference in the AI agent monitor’s Resolver (agent-turn.resolver.ts). The query paths agentTurns(agentId) and evaluateAgentTurn(turnId) retrieved rows by agentId or id without restricting workspaceId, and guard...

7.6 CVSS, 5.9 AI score, 0.00191 EPSS
Exploits 0, References 1
EUVD
added 2026/06/24 5:25 p.m., 4 views

EUVD-2026-39011

Warp is an agentic development environment. From 0.2025.04.09.08.11.stable00 until 0.2026.05.06.15.42.stable01, Warp contains a command execution policy bypass in Agent code search tools. The affected Grep and FileGlob actions are authorized as read/search operations, but their implementations...

7.8 CVSS, 6.1 AI score, 0.00177 EPSS
Exploits 0, References 2
Cvelist
added 2026/06/24 1:20 p.m., 31 views

CVE-2026-57282

Jenkins Git client Plugin 6.6.0 and earlier does not correctly escape the workspace directory name when it is embedded into a generated SSH wrapper script, allowing attackers able to control the name of a build's working directory to execute arbitrary operating system commands on the agent...

0.00207 EPSS
Exploits 0, References 1
ATTACKERKB
added 2026/06/24 1:20 p.m., 6 views

CVE-2026-57282

Jenkins Git client Plugin 6.6.0 and earlier does not correctly escape the workspace directory name when it is embedded into a generated SSH wrapper script, allowing attackers able to control the name of a build's working directory to execute arbitrary operating system commands on the agent...

5 CVSS, 6.2 AI score, 0.00207 EPSS
Exploits 0, References 2
OSV
added 2026/06/24 9:01 a.m., 2 views

SUSE-SU-2026:2612-1 Security update for google-guest-agent

This update for google-guest-agent fixes the following issues. Security issues: - CVE-2026-39821: Update golang.org/x/net/idna dependency (bsc#1266603). - CVE-2026-39827: Update golang.org/x/crypto dependency (bsc#1266171). - CVE-2026-39828: Update golang.org/x/crypto dependency (bsc#1266171). -...

10 CVSS, 6.9 AI score, 0.91969 EPSS
Exploits 4, References 38
OSV
added 2026/06/24 9:00 a.m., 2 views

SUSE-SU-2026:2611-1 Security update for google-osconfig-agent

This update for google-osconfig-agent fixes the following issues: - CVE-2026-33186: Update google.golang.org/grpc dependency (bsc#1260264). - CVE-2026-39821: Update golang.org/x/net/idna dependency (bsc#1266603). - CVE-2026-39827: Update golang.org/x/crypto dependency (bsc#1266171). - CVE-2026-39828: Update...

10 CVSS, 6.7 AI score, 0.01557 EPSS
Exploits 1, References 22
Positive Technologies
added 2026/06/24 12:00 a.m., 11 views

PT-2026-52081

Name of the Vulnerable Software and Affected Versions: Twenty versions prior to 2.9.0. Description: An insecure direct object reference (IDOR) exists in the AI agent monitor's AgentTurnResolver and the agent-turn-grader.service.ts file. The agentTurns(agentId) query and the evaluateAgentTurn(turnId)...

7.6 CVSS, 5.8 AI score, 0.00191 EPSS
Exploits 0, References 4
Positive Technologies
added 2026/06/24 12:00 a.m., 10 views

PT-2026-51792

Name of the Vulnerable Software and Affected Versions: Jenkins Git client Plugin versions prior to 6.6.1. Description: An issue exists where the workspace directory name is not correctly escaped when embedded into a generated SSH wrapper script. This allows attackers who can control the name of a...

5 CVSS, 6.1 AI score, 0.00207 EPSS
Exploits 0, References 5
Tenable Nessus
added 2026/06/24 12:00 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2026-10536

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A use-after-free vulnerability exists in libcurl when an application configures an HTTP/2 stream-dependency tree via CURLOPT_STREAM_DEPENDS or...

6 AI score, 0.00206 EPSS
Exploits 0, References 3
OSV
added 2026/06/23 7:11 p.m., 4 views

GHSA-7CQP-7CFV-6C3Q AVideo Meet plugin: anonymous-to-admin stored XSS via unescaped participant User-Agent in getMeetInfo.json.php Participants panel

Summary: The Meet plugin stores the raw HTTP User-Agent header of every meeting participant and later renders it without output encoding in the meeting-management "Participants" panel that the meeting host and site administrators open. An anonymous, unauthenticated attacker can join any public...

6.4 CVSS, 6.2 AI score
Exploits 0, References 2
Github Security Blog
added 2026/06/23 7:11 p.m., 8 views

AVideo Meet plugin: anonymous-to-admin stored XSS via unescaped participant User-Agent in getMeetInfo.json.php Participants panel

Summary: The Meet plugin stores the raw HTTP User-Agent header of every meeting participant and later renders it without output encoding in the meeting-management "Participants" panel that the meeting host and site administrators open. An anonymous, unauthenticated attacker can join any public...

6.2 AI score
Exploits 0, References 2, Affected Software 1
NVD
added 2026/06/23 4:17 p.m., 12 views

CVE-2026-56694

NanoClaw before 2.1.0 contains a privilege escalation vulnerability in the channel-registration approval flow where handleChannelApprovalResponse fails to validate admin privileges over target agent groups. Scoped admins can submit forged or stale connect callback values to wire messaging channel...

5.4 CVSS, 0.00171 EPSS
Exploits 0, References 3
NVD
added 2026/06/23 4:17 p.m., 9 views

CVE-2026-56693

NanoClaw before 2.1.17 contains a privilege escalation vulnerability in the createagent delivery-action handler that performs privileged central-database writes without host-side authorization checks. Confined agent containers can invoke createagent to create arbitrary agent groups, container...

6.8 CVSS, 0.00113 EPSS
Exploits 0, References 3
CVE
added 2026/06/23 3:42 p.m., 11 views

CVE-2026-54308

CVE-2026-54308 affects the n8n platform, specifically versions prior to 2.25.7 and 2.26.2. The MicrosoftAgent365Trigger and StripeTrigger nodes did not validate inbound requests, enabling an unauthenticated attacker who knows the webhook URL to submit a forged payload and cause workflow execution...

7.2 CVSS, 5.9 AI score, 0.00276 EPSS
Exploits 0, References 1, Affected Software 1
Cvelist
added 2026/06/23 3:42 p.m., 36 views

CVE-2026-54308 n8n: Missing Token Validation on Microsoft Agent 365 Trigger Node

n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, the MicrosoftAgent365Trigger and StripeTrigger nodes did not validate inbound requests. As a result, an unauthenticated attacker who knows the webhook URL could submit a forged payload and cause the workflow to...

6.3 CVSS, 0.00276 EPSS
Exploits 0, References 1