Lucene search
K

12 matches found

Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.13 views

PT-2026-50493

Name of the Vulnerable Software and Affected Versions @mariozechner/pi-coding-agent versions 0.28.0 through 0.73.1 @earendil-works/pi-coding-agent versions 0.74.0 through 0.78.0 Description A race condition in the file write path of the credential storage implementation allows the auth.json file,...

2.2CVSS5.7AI score0.00074EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2026/06/16 11:43 p.m.10 views

Pi Agent: Potential XSS in HTML session exports via Markdown URL sanitization bypass

Potential XSS in HTML session exports via Markdown URL handling Pi HTML exports render session Markdown into a static HTML file. Affected versions did not consistently reject unsafe Markdown link and image URL schemes. In versions with scheme filtering, C0 control characters in the URL scheme cou...

2.5CVSS5.2AI score0.00132EPSS
Exploits0References4Affected Software2
GithubExploit
GithubExploit
added 2026/06/09 11:0 a.m.57 views

openshell-sandbox-poc

OpenShell + Kata Containers: Dual-Protection PoC A proof-of-c...

7.8CVSS7.8AI score0.96267EPSS
Exploits230
EUVD
EUVD
added 2025/11/21 10:11 p.m.5 views

EUVD-2025-198528

Roo Code is an AI-powered autonomous coding agent that lives in users' editors. Prior to version 3.26.7, Due to an error in validation it was possible for Roo to automatically execute commands that did not match the allow list prefixes. This issue has been patched in version 3.26.7...

8.1CVSS6.7AI score0.00621EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/21 12:0 a.m.13 views

PT-2025-47816

Name of the Vulnerable Software and Affected Versions Roo Code versions prior to 3.26.7 Description Roo Code, an AI-powered autonomous coding agent, had a validation error that allowed it to automatically execute commands not on the approved list of prefixes. This occurred in versions before...

8.1CVSS6.8AI score0.00621EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-22473

Malicious code in bioql PyPI...

7.8CVSS6.5AI score0.01142EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-19434

Malicious code in bioql PyPI...

7.5CVSS6.5AI score0.00431EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.25 views

EUVD-2025-20299

Malicious code in bioql PyPI...

8.1CVSS6.5AI score0.00656EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/09/26 3:0 p.m.5 views

Kicking off Cybersecurity Awareness Month 2025: Researcher spotlights and enhanced incentives

October marks Cybersecurity Awareness Month, a time when the developer community reflect on the importance of security in the evolving digital landscape. At GitHub, we understand that protecting the global software ecosystem relies on the commitment, skill, and ingenuity of the security research...

7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.7 views

PT-2025-30619 · Robocode · Robocode

Name of the Vulnerable Software and Affected Versions: Roo Code versions 3.23.18 and below Description: Roo Code, an AI-powered autonomous coding agent, does not validate line breaks in its command input. This bypasses the allow-list mechanism due to a lack of parsing or validation logic,...

7.8CVSS7.1AI score0.01142EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/07/09 6:16 p.m.25 views

CVE-2025-53536

Roo Code is an AI-powered autonomous coding agent. Prior to 3.22.6, if the victim had "Write" auto-approved, an attacker with the ability to submit prompts to the agent could write to VS Code settings files and trigger code execution. There were multiple ways to achieve that. One example is with...

8.1CVSS7AI score0.00656EPSS
Exploits0References1
CVE
CVE
added 2025/07/07 5:57 p.m.28 views

CVE-2025-53536

Roo Code (AI-powered autonomous coding agent) prior to version 3.22.6 is affected. If a victim had the Write auto-approved mode, an attacker who can submit prompts could write to VS Code settings files and trigger code execution. A concrete example is the php.validate.executablePath setting, wher...

8.1CVSS7.1AI score0.00656EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder