CVE-2026-44336

PraisonAI is a multi-agent teams system. Prior to version 4.6.34, PraisonAI's MCP Model Context Protocol server praisonai mcp serve registers four file-handling tools by default — praisonai.rules.create, praisonai.rules.show, praisonai.rules.delete, and praisonai.workflow.show. Each accepts a pat...

Interpretation Conflict

Overview Affected versions of this package are vulnerable to Interpretation Conflict due to case-sensitive handling of the host matching process. An attacker can bypass access control policies by sending requests with hostnames that differ only in letter casing, potentially gaining unauthorized...

Heimdall: Case-sensitive host matching may lead to policy bypass

Summary Heimdall performs host matching in a case-sensitive manner, while HTTP hostnames are case-insensitive. This discrepancy can result in heimdall failing to match a rule for a request host that differs only in letter casing, potentially causing the request to be classified differently than...

PT-2026-37187

Name of the Vulnerable Software and Affected Versions Heimdall versions prior to 0.17.14 Description Heimdall performs host matching in a case-sensitive manner, which conflicts with the case-insensitive nature of HTTP hostnames. This discrepancy allows a request host that differs only in letter...

CVE-2026-23769

lucy-xss-filter before commit e5826c0 allows an attacker to execute malicious JavaScript due to improper sanitization caused by misconfigured default superset rule files...

CVE-2026-23769

lucy-xss-filter before commit e5826c0 allows an attacker to execute malicious JavaScript due to improper sanitization caused by misconfigured default superset rule files...

Trendnet AC2600 安全漏洞

The Trendnet AC2600 is a wireless router from Trendnet, Inc. A security vulnerability exists in the Trendnet AC2600 TEW-827DRU version 2.08B01, which stems from the software not having sufficient access control on the WAN interface. The default iptables ruleset for managing service access on the...

Automated remediation level 2: Best practices

A low-impact workaround When it comes to automating remediation, the second level we’ll discuss takes a bit of additional planning. This is so that users will see little to no impact in the account fundamentals automation process. This framework aligns with the Center for Internet Security Amazon...

openstack-nova: RBAC policy not properly enforced in Nova EC2 API

It was found that RBAC policies were not enforced in certain methods of the OpenStack Compute EC2 Amazon Elastic Compute Cloud API. A remote attacker could use this flaw to escalate their privileges beyond the user group they were originally restricted to. Note that only certain setups using...