2 matches found
CVE-2026-45311
CodeWhale is a DeepSeek + MiMo coding agent in terminal. From 0.3.0 to 0.8.23, the runtests tool executes cargo test in the workspace with ApprovalRequirement::Auto, meaning it runs without any user approval prompt. cargo test compiles and executes arbitrary code: test binaries, build.rs build...
The vulnerability of the Microsoft Exchange Server system’s automation mechanism allows a hacker to inject arbitrary web or HTML code.
The vulnerability of the Outlook Web Access component of the Microsoft Exchange Server automation system exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to inject arbitrary web or HTML code through a special...