7 matches found
Cross-site Scripting (XSS)
Overview agents is an A home for your AI agents Affected versions of this package are vulnerable to Cross-site Scripting XSS via the errordescription query parameter, which is directly interpolated into an HTML script tag without proper escaping. An attacker can execute arbitrary JavaScript in th...
Authorization Bypass Through User-Controlled Key
Overview agents is an A home for your AI agents Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the createHeaderBasedEmailResolver function. An attacker can redirect inbound email to arbitrary internal objects by manipulating the Message-ID...
@anngdinh/remote-mcp-server-authless (=0.0.0), @apideck/mcp (>=0.1.9 <=0.1.13) +152 more potentially affected by CVE-2026-1664 via agents (>=0.0.100 <=0.3.10)
agents NPM version =0.0.100, =0.1.9, =0.4.0, =0.1.0, =1.1.1, =0.1.0, =0.2.0, =0.1.0, =0.0.1, =2.1.6, =2.3.14 and more Source cves: CVE-2026-1664 Source advisory: OSV:GHSA-R7X9-8PH7-W8CG...
Malicious code in @amazon-bedrock-agents-healthcare-lifesciences/docs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ecf7f917126f8a71d26227e7f55cdabe99eed6831cb23345e4045192f6a36446 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Moderate: Red Hat Security Advisory: fence-agents security and bug fix update
An update for fence-agents is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
CVE-2022-44053
The d8s-networking for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-user-agents package. The affected version of d8s-htm is 0.1.0...
MGASA-2019-0398 Updated fence-agents packages fix security vulnerability
pdated fence-agents package fixes security vulnerability: Denial of service via guest VM comments CVE-2019-10153...