Microsoft Azure Monitor Agent 代码问题漏洞

Microsoft Azure Monitor Agent is a monitoring agent program developed by the American company Microsoft. There are code-related vulnerabilities in Microsoft Azure Monitor Agent. Attackers can exploit these vulnerabilities to gain higher privileges...

Official Clerk JavaScript SDKs 代码问题漏洞

The Official Clerk JavaScript SDKs are an open-source repository for Clerk authentication purposes. These SDKs have code vulnerabilities that can lead to false positives during authorization checks. This occurs when functions like has and auth.protect, along with related authorization predicates,...

Geyser 代码问题漏洞

Geyser is a cross-platform game version bridging proxy tool developed by GeyserMC. Versions of Geyser prior to 2.9.3 contained code vulnerabilities. These vulnerabilities stemmed from server-side request forgeing when processing texture data for players’ heads in Minecraft. This allowed attackers...

Sonatype Nexus Repository Manager 代码问题漏洞

Sonatype Nexus Repository Manager NXRM is a repository manager developed by Sonatype, Inc., in the United States. It is primarily used for managing, storing, and distributing software. Versions of Sonatype Nexus Repository Manager from 3.0.0 to 3.91.1 contained code vulnerabilities. These...

SecureForge: Finding and Preventing Vulnerabilities in LLM-Generated Code Via Prompt Optimization

LLM coding agents now generate code at an unprecedented scale, yet LLM-generated code introduces cybersecurity vulnerabilities into codebases without human involvement. Even when frontier models are explicitly asked to write secure production code with relevant weaknesses to avoid in context, we...

PraisonAI 代码问题漏洞

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 1.6.32 contained code vulnerabilities. These vulnerabilities stemmed from logical flaws in the URL checking logic, which could allow attackers to bypass the checks and execute...

CI4MS 代码问题漏洞

CI4MS is an open-source blog page management tool developed by Ci4MS. There were code issues and vulnerabilities in versions of CI4MS from 0.26.0 to 0.31.8.0. These vulnerabilities stemmed from the auth filter disabling the check for banning/banned users...

OpenSTAManager 代码问题漏洞

OpenSTAManager is an open-source management software for technical assistance and billing developed by Devcode. Versions of OpenSTAManager 2.10 and earlier had code-related vulnerabilities, which stemmed from arbitrary file upload vulnerabilities in the module update function...

HyperChat 代码问题漏洞

HyperChat is an open-source local AI agent platform developed by dadigua. It supports configuration-driven and project-level AI expertise. Versions of HyperChat 2.0.0-alpha.63 and earlier have code vulnerabilities. These vulnerabilities stem from the baseurl parameter in the fetch function of the...

OpenClaw 代码问题漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.31 had code vulnerabilities. These vulnerabilities stemmed from incomplete host-env-security-policy.json files, which failed to restrict compiler binary environment variables. A...

Auto Favicon MCP Server 代码问题漏洞

The Auto Favicon MCP Server is a tool developed by Yuey, a personal developer, for automatically generating website icons. The Auto Favicon MCP Server f189116a9259950c2393f114dbcb94dde0ad864b and previous versions have code vulnerabilities. These vulnerabilities stem from improper handling of the...

MCP Data Visualization & Experimentation Platform 代码问题漏洞

MCP Data Visualization & Experimentation Platform is a large model context protocol developed by alejandro and his team. There are code-related vulnerabilities in MCP Data Visualization & Experimentation Platform. These vulnerabilities stem from improper use of the axios function in the...

AIRA Hub 代码问题漏洞

AIRA Hub is an internet center developed by IhateCreatingUserNames2, designed for discovering and broadcasting MCP tools and A2A skills. There are code vulnerabilities in AIRA Hub, stemming from the function connectstreamendpoint/syncagents in the AiraHub.py file within the component Endpoint...

Astro 代码问题漏洞

Astro is a content-driven website framework developed by Astro OpenSource. Versions of Astro prior to 13.1.10 had code vulnerabilities. These vulnerabilities stemmed from the use of default redirection behavior in fetch calls, which could allow Cloudflare Workers to bypass domain whitelist checks...

IBM Guardium Data Protection 代码问题漏洞

IBM Guardium Data Protection is a comprehensive data security platform developed by the American company International Business Machines IBM. There are code-related vulnerabilities in versions 12.0, 12.1, and 12.2 of IBM Guardium Data Protection. These vulnerabilities stem from security...

Flowise 代码问题漏洞

Flowise is an open-source tool developed by FlowiseAI, designed for easily building LLM applications. Prior versions of Flowise, such as 3.1.0, contained code vulnerabilities. These vulnerabilities stemmed from multiple logical flaws in the security wrapper, allowing attackers to bypass the...

Microsoft Dynamics 365 Online 代码问题漏洞

Microsoft Dynamics 365 Online is a management software developed by Microsoft Corporation, designed for monitoring employee behavior and analyzing work efficiency. There are code vulnerabilities in Microsoft Dynamics 365 Online, which stem from server-side request forgery. These vulnerabilities m...

OpenClaw 代码问题漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.31 had code vulnerabilities. These vulnerabilities stemmed from a server-side request forgeing mechanism in the market plugin download function, which could allow attackers to...

Chamilo 代码问题漏洞

Chamilo is an open-source learning management system developed by Chamilo. Version Chamilo 2.0-RC.2 has code vulnerabilities. These vulnerabilities stem from the fact that the install.ajax.php file can be accessed without authentication. This could allow unauthorized attackers to exploit the SMTP...

SAMSUNG Mobile devices 代码问题漏洞

Samsung Mobile devices are a series of mobile devices produced by Samsung Electronics in South Korea. These devices include smartphones, tablets, etc. There are code vulnerabilities in Samsung Mobile devices, which stem from improper handling of exception conditions. These vulnerabilities could...