348 matches found

Cvelist
added yesterday, 20 views

CVE-2026-53753 Crawl4AI: AST Sandbox Escape via gi_frame.f_back Chain - Pre-Auth RCE in Docker API

Crawl4AI is an open-source LLM-friendly web crawler & scraper. Prior to 0.8.7, the safeevalexpression function in the computed fields feature uses an AST validator that only blocks attributes starting with underscore. Python generator and frame object attributes gi_frame, f_back, f_builtins do NOT...

9.8 CVSS, 0.00371 EPSS
Exploits 0, References 1

GitLab Advisory Database
added 2026/06/16 12:0 a.m., 3 views

Crawl4AI: AST Sandbox Escape via gi_frame.f_back Chain - Pre-Auth RCE in Docker API

The safeevalexpression function in the computed fields feature uses an AST validator that only blocks attributes starting with underscore. Python generator and frame object attributes gi_frame, f_back, f_builtins do NOT start with underscore, enabling a complete sandbox escape to achieve arbitrary...

9.8 CVSS, 5.6 AI score, 0.00371 EPSS
Exploits 0, References 5, Affected Software 1

CVE
added 2026/06/12 1:56 p.m., 73 views

CVE-2026-54133

Technical details (affected versions, impact specifics, and remediation) are not publicly available in the provided documents. Monitor for updates.

9.8 CVSS, 5.5 AI score, 0.0032 EPSS
Exploits 0, References 1, Affected Software 1

RedhatCVE
added 2026/06/05 7:49 p.m., 8 views

CVE-2026-5559

A vulnerability has been found in AntaresMugisho PyBlade 0.1.8-alpha/0.1.9-alpha. The affected element is the function issafeast of the file sandbox.py of the component AST Validation. Such manipulation leads to improper neutralization of special elements used in a template engine. The attack may...

6.5 CVSS, 5.7 AI score, 0.00314 EPSS
Exploits 0, References 1

RedhatCVE
added 2026/06/05 7:48 p.m., 14 views

CVE-2026-9358

A flaw was found in postcss. A remote attacker could exploit a vulnerability in the toString function of the AST Serialization component by executing a manipulation, leading to uncontrolled recursion. This uncontrolled recursion can result in a Denial of Service (DoS) condition, making the affected...

5.3 CVSS, 4.9 AI score, 0.00325 EPSS
Exploits 0, References 7

RedhatCVE
added 2026/06/05 7:25 p.m., 8 views

CVE-2026-44003

A flaw was found in vm2 before 3.11.0. A code transformer fast-path skips AST analysis when catch, import, and async are absent, allowing direct access to VM2_INTERNAL_STATE_DO_NOT_USE_OR_PROGRAM_WILL_FAIL and internal security functions handleException, wrapWith, import. Fixed in 3.11.0...

5.8 CVSS, 5.8 AI score, 0.00248 EPSS
Exploits 1, References 4

OSV
added 2026/05/29 10:30 p.m., 11 views

GHSA-4MR5-G6F9-CFRH PraisonAI vulnerable to sandbox escape via `print.__self__` builtins module leak in `execute_code` (subprocess mode)

Summary: `execute_code` in praisonaiagents/tools/pythontools.py v1.6.37, subprocess sandbox mode, can be fully bypassed using `print.__self__` to retrieve the real Python builtins module, from which import can be extracted via vars and runtime string construction. This achieves arbitrary OS command executio...

9.9 CVSS, 6.3 AI score, 0.0012 EPSS
Exploits 0, References 2

Snyk
added 2026/05/24 7:39 a.m., 12 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via the toString function in the AST Serialization. An attacker can cause uncontrolled recursion by providing specially crafted input, potentially resulting in resource exhaustion and application unavailability...

6.9 CVSS, 5.8 AI score, 0.00325 EPSS
Exploits 0, References 2

NVD
added 2026/05/24 6:16 a.m., 12 views

CVE-2026-9358

A vulnerability was determined in postcss-selector-parser up to 6.1.2/7.1.2. Affected is the function toString of the file src/selectors/container.js of the component AST Serialization. Executing a manipulation can lead to uncontrolled recursion. It is possible to launch the attack remotely. The...

5.3 CVSS, 0.00325 EPSS
Exploits 0, References 7

Debian CVE
added 2026/05/24 5:30 a.m., 5 views

CVE-2026-9358

A vulnerability was determined in postcss-selector-parser up to 6.1.2/7.1.2. Affected is the function toString of the file src/selectors/container.js of the component AST Serialization. Executing a manipulation can lead to uncontrolled recursion. It is possible to launch the attack remotely. The...

5.3 CVSS, 4.7 AI score, 0.00325 EPSS
Exploits 0

Cvelist
added 2026/05/24 5:30 a.m., 24 views

CVE-2026-9358 postcss-selector-parser AST Serialization container.js toString recursion

A vulnerability was determined in postcss-selector-parser up to 6.1.2/7.1.2. Affected is the function toString of the file src/selectors/container.js of the component AST Serialization. Executing a manipulation can lead to uncontrolled recursion. It is possible to launch the attack remotely. The...

5.3 CVSS, 0.00325 EPSS
Exploits 0, References 7

Vulnrichment
added 2026/05/24 5:30 a.m., 7 views

CVE-2026-9358 postcss-selector-parser AST Serialization container.js toString recursion

A vulnerability was determined in postcss-selector-parser up to 6.1.2/7.1.2. Affected is the function toString of the file src/selectors/container.js of the component AST Serialization. Executing a manipulation can lead to uncontrolled recursion. It is possible to launch the attack remotely. The...

5.3 CVSS, 4.7 AI score, 0.00325 EPSS
Exploits 0, References 7

CNNVD
added 2026/05/24 12:0 a.m., 6 views

PostCSS Security Vulnerability

PostCSS is an open-source style transformation tool developed by PostCSS. Versions of PostCSS 7.1.1 and earlier contained a security vulnerability. This vulnerability stemmed from improper handling of the toString function in the file src/selectors/container.js of the component AST serialization, which...

5.3 CVSS, 5.8 AI score, 0.00325 EPSS
Exploits 0, References 4

Positive Technologies
added 2026/05/24 12:0 a.m., 10 views

PT-2026-42916

A vulnerability was determined in postcss up to 7.1.1. Affected is the function toString of the file src/selectors/container.js of the component AST Serialization. Executing a manipulation can lead to uncontrolled recursion. It is possible to launch the attack remotely. The exploit has been...

5.3 CVSS, 5.5 AI score, 0.00325 EPSS
Exploits 0, References 4

AstraLinux
added 2026/05/20 5:53 a.m., 2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/client: Fixed a memory leak in drmclienttargetcloned. The dmtmode variable is allocated but never freed within this function. This issue was discovered with the ast driver, but most drivers that use the generic fbdevsetup...

5.8 AI score, 0.00216 EPSS
Exploits 0, References 2

OSSF Malicious Packages
added 2026/05/19 12:0 a.m., 10 views

Malicious code in ast-plugin (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8 AI score
Exploits 0, References 5

vulnersOsv
added 2026/05/18 9:0 p.m., 3 views

@lint-md/cli (>=0.0.1 <=0.1.4), @lint-md/eslint-plugin (>=0.0.1 <=0.0.3) +4 more potentially affected by unknown CVE via ast-plugin (>=0.0.1 <=0.0.7)

ast-plugin NPM version =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.2, =0.1.0, =0.1.2 - yuque-lint =0.0.1 Source cves: unknown CVE Source advisory: SNYK:JS-ASTPLUGIN-16755062...

5.5 AI score
Exploits 0

OSV
added 2026/05/18 2:23 p.m., 9 views

JLSEC-2026-506

LibSass before 3.6.3 allows a heap-based buffer over-read in Sass::weaveParents in astselweave.cpp...

6.5 CVSS, 5.9 AI score, 0.01053 EPSS
Exploits 1, References 2

Vulnrichment
added 2026/05/17 11:45 a.m., 7 views

CVE-2026-8752 h2oai h2o-3 Rapids setproperty Primitive AstSetProperty.java exec access control

A weakness has been identified in h2oai h2o-3 up to 7402. This vulnerability affects the function exec of the file h2o-core/src/main/java/water/rapids/ast/prims/misc/AstSetProperty.java of the component Rapids setproperty Primitive Handler. Executing a manipulation can lead to improper access...

6.9 CVSS, 5.7 AI score, 0.0031 EPSS
Exploits 0, References 4

CVE
added 2026/05/17 11:45 a.m., 18 views

CVE-2026-8752

Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2026-8752.

6.9 CVSS, 5.7 AI score, 0.0031 EPSS
Exploits 0, References 4, Affected Software 1