PT-2026-35682

A vulnerability was detected in AgiFlow scaffold-mcp up to 1.0.27. Affected by this issue is some unknown functionality of the file packages/scaffold-mcp/src/server/index.ts of the component write-to-file Tool. The manipulation of the argument file path results in path traversal. The attack may b...

EUVD-2025-137774

Malicious code in gocay-uga-agi npm...

Malicious code in kiudt-acavog-agi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 968f90ea9195dd76bdf7421c2fe74a4adaa31227f502d11dcf996cca7424da6d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-23866

Malicious code in bioql PyPI...

CVE-2025-8665

A vulnerability, which was classified as critical, has been found in agno-agi agno up to 1.7.5. This issue affects the function MCPTools/MultiMCPTools in the library libs/agno/agno/tools/mcp.py of the component Model Context Protocol Handler. The manipulation of the argument command leads to os...

CVE-2025-8665 agno-agi agno Model Context Protocol mcp.py MultiMCPTools os command injection

A vulnerability, which was classified as critical, has been found in agno-agi agno up to 1.7.5. This issue affects the function MCPTools/MultiMCPTools in the library libs/agno/agno/tools/mcp.py of the component Model Context Protocol Handler. The manipulation of the argument command leads to os...

CVE-2025-8665

CVE-2025-8665 affects agno-agi agno up to 1.7.5. The vulnerability lies in the MCPTools/MultiMCPTools function in libs/agno/agno/tools/mcp.py of the Model Context Protocol Handler, where manipulation of the command argument enables OS command injection. Exploitation can be remote and the vulnerab...

PT-2025-32200 · Unknown · Agno-Agi Agno

Name of the Vulnerable Software and Affected Versions: agno-agi agno versions up to 1.7.5 Description: A critical issue exists in the Model Context Protocol Handler component of agno-agi agno. The MCPTools/MultiMCPTools function within the libs/agno/agno/tools/mcp.py library is susceptible to OS...

agi-usa.org Cross Site Scripting vulnerability OBB-3329090

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Agi Bagi fun for kids Free - Dangerous filesystem permissions, SD-card access, Suspicious files vulnerabilities

HackApp vulnerability scanner discovered that application Agi Bagi fun for kids Free published at the 'play' market has multiple vulnerabilities...

CVE-2011-0495

Stack-based buffer overflow in the asturiencode function in main/utils.c in Asterisk Open Source before 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.1, 1.8.1.2, 1.8.2.; and Business Edition before C.3.6.2; when running in pedantic mode allows remote authenticated users to execute arbitrary...

CVE-2011-0495

Stack-based buffer overflow in the asturiencode function in main/utils.c in Asterisk Open Source before 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.1, 1.8.1.2, 1.8.2.; and Business Edition before C.3.6.2; when running in pedantic mode allows remote authenticated users to execute arbitrary...

AST-2011-001: Stack buffer overflow in SIP channel driver

Asterisk Project Security Advisory - AST-2011-001 Product Asterisk Summary Stack buffer overflow in SIP channel driver Nature of Advisory Exploitable Stack Buffer Overflow Susceptibility Remote Authenticated Sessions Severity Moderate Exploits Known No Reported On January 11, 2011 Reported By...