PT-2025-35577

Name of the Vulnerable Software and Affected Versions: rust-ffmpeg version 0.3.0 Description: A null pointer dereference issue exists in the input constructor function. This can lead to a denial of service when the avio alloc context call fails and returns NULL, which is subsequently dereferenced...

CGM CLININET Code Injection Vulnerability (CNVD-2025-19812)

CGM CLININET is a hospital information management system from CGM Germany. CGM CLININET suffers from a code injection vulnerability that stems from the RunCommand function failing to properly filter the special elements of the constructor code segment. An attacker can exploit this vulnerability t...

Linux Distros Unpatched Vulnerability : CVE-2022-1471

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SnakeYaml's Constructor class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can...

Linux Distros Unpatched Vulnerability : CVE-2020-7598

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a constructor or proto payload. CVE-2020-7598 Note that...

Linux Distros Unpatched Vulnerability : CVE-2019-20149

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite certain internal attributes via a conflicting name, as demonstrated by...

CVE-2025-55346

User-controlled input flows to an unsafe implementation of a dynamic Function constructor, allowing network attackers to run arbitrary unsandboxed JS code in the context of the host, by sending a simple POST request...

Duplicate Advisory: Flowise vulnerable to RCE via Dynamic function constructor injection

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-hmgh-466j-fx4c. This link is maintained to preserve external references. Original Description User-controlled input flows to an unsafe implementation of a dynamic Function constructor, allowing network attackers...

Arbitrary Code Injection

Overview flowise-components is a Flowiseai Components Affected versions of this package are vulnerable to Arbitrary Code Injection due to the unsafe implementation of a dynamic Function constructor. An attacker can execute arbitrary JavaScript code on the server by sending a crafted POST request...

CVE-2025-55346

User-controlled input flows to an unsafe implementation of a dynamic Function constructor, allowing network attackers to run arbitrary unsandboxed JS code in the context of the host, by sending a simple POST request...

CVE-2025-55346

Flowise exposes a remote code execution vector via the CustomMCP tool: input from mcpServerConfig is passed into a dynamic Function constructor (Function('return '+ input)()) in the host context, which can access global process and Node.js modules. This allows arbitrary JS execution (RCE) when cr...

CVE-2025-55346 Unintended dynamic code execution leads to remote code execution by network attackers

User-controlled input flows to an unsafe implementation of a dynamic Function constructor, allowing network attackers to run arbitrary unsandboxed JS code in the context of the host, by sending a simple POST request...

CVE-2025-55346 Unintended dynamic code execution leads to remote code execution by network attackers

User-controlled input flows to an unsafe implementation of a dynamic Function constructor, allowing network attackers to run arbitrary unsandboxed JS code in the context of the host, by sending a simple POST request...

Flowise 安全漏洞

Flowise is a FlowiseAI open source tool for easily building LLM applications. A security vulnerability exists in Flowise that stems from user-controlled input flow to an insecure dynamic function constructor implementation that could lead to the execution of arbitrary non-sandboxed JS code in the...

PT-2025-33143

Name of the Vulnerable Software and Affected Versions: Flowise JS affected versions not specified Description: User-controlled input flows to an unsafe implementation of a dynamic Function constructor, allowing network attackers to run arbitrary unsandboxed JS code in the context of the host by...

WordPress Constructor theme <= 1.6.5 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Sulabh Jain in WordPress Theme Constructor versions = 1.6.5...

CVE-2025-49823

Conda Constructor prior to 3.11.3 is affected. The vulnerability arises in shell installer scripts that process the installation prefix (user_prefix) using an eval statement, causing unsanitized user input to be executed as shell code. This can allow command injection via a malicious installation...

CVE-2025-49823 Conda Constructor Command Injection via Unsanitized User Input (Low)

conda Constructor is a tool which allows constructing an installer for a collection of conda packages. Prior to version 3.11.3, shell installer scripts process the installation prefix userprefix using an eval statement, which executes unsanitized user input as shell code. Although the script runs...

CVE-2025-49823 Conda Constructor Command Injection via Unsanitized User Input (Low)

conda Constructor is a tool which allows constructing an installer for a collection of conda packages. Prior to version 3.11.3, shell installer scripts process the installation prefix userprefix using an eval statement, which executes unsanitized user input as shell code. Although the script runs...

PT-2025-25610 · Unknown · Conda Constructor

Name of the Vulnerable Software and Affected Versions: Conda Constructor versions prior to 3.11.3 Description: The issue concerns the Conda Constructor, a tool for creating installers for conda packages. Prior to version 3.11.3, the shell installer scripts process the installation prefix using an...

Conda Constructor 命令注入漏洞

Conda Constructor is a Conda open source tool for creating installers from conda packages. A command injection vulnerability exists in versions of Conda Constructor prior to 3.11.3, which stems from the execution of uncleared user input when the eval statement handles the installer prefix, and...