Lucene search
K

6 matches found

OSV
OSV
added 3 days ago4 views

PYSEC-2026-300 Browser Use allows bypassing `allowed_domains` by putting a decoy domain in http auth username portion of a URL

Summary During a manual source code review, ARIMLABS.AI researchers identified that the browseruse module includes an embedded whitelist functionality to restrict URLs that can be visited. This restriction is enforced during agent initialization. However, it was discovered that these measures can...

9.3CVSS5.8AI score0.00452EPSS
Exploits0References7
CVE
CVE
added 2026/02/09 8:17 p.m.38 views

CVE-2026-25740

Summary : CVE-2026-25740 describes a local privilege escalation in NixOS where enabling the captive-browser module (programs.captive-browser) allows any user to run arbitrary commands with the CAP_NET_RAW capability in 25.05 and earlier. The underlying issue enables binding to privileged ports an...

5.8CVSS5.8AI score0.00148EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-2419

Malicious code in bioql PyPI...

8.6CVSS6.5AI score0.01114EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2025/05/05 6:25 p.m.26 views

Browser Use allows bypassing `allowed_domains` by putting a decoy domain in http auth username portion of a URL

Summary During a manual source code review, ARIMLABS.AI researchers identified that the browseruse module includes an embedded whitelist functionality to restrict URLs that can be visited. This restriction is enforced during agent initialization. However, it was discovered that these measures can...

4CVSS7.2AI score0.00452EPSS
Exploits0References5Affected Software1
CNVD
CNVD
added 2019/04/01 12:0 a.m.1 views

Binary Vulnerability in Foxit Reader U3D Plugin

Foxit Software Incorporated Foxit Software is a provider of product technology and solutions that cover the document lifecycle, including document generation, conversion, display, editing, searching, printing, storage, signing, forms, protection, and secure distribution management. Binary...

7.6AI score
Exploits0
CNVD
CNVD
added 2017/12/15 12:0 a.m.4 views

Python 'Lib/webbrowser.py' Remote Command Execution Vulnerability

Python is an object-oriented, straightforward computer programming language. A remote command execution vulnerability exists in Python 'Lib/webbrowser.py', which allows remote attackers to exploit the vulnerability to construct malicious URIs and inject arbitrary code...

8.8CVSS7.5AI score0.03595EPSS
Exploits1References1
Rows per page
Query Builder