Lucene search
K

2468099 matches found

OSV
OSV
added 2 days ago5 views

PYSEC-2026-480 praisonai-platform: Any workspace member can add arbitrary user as owner via POST /workspaces/{id}/members

Summary Type: Privilege escalation / cross-tenant member injection. The POST /workspaces/workspaceid/members endpoint is gated only by requireworkspacememberworkspaceid default minrole="member" and forwards the request body's userid and role straight into MemberService.addworkspaceid, userid, rol...

9.6CVSS5.8AI score0.00031EPSS
Exploits0References5
OSV
OSV
added 2 days ago4 views

PYSEC-2026-364 Jupyter Enterprise Gateway: Jinja2 Template Server Side Template Injection resulting in Remote Code Execution

Summary The environment variables KERNELXXX used during the rendering of the Kubernetes manifest are vulnerable to Server Side Template Injection SSTI. By including Jinja2 template expressions it is possible to execution Python code and OS Commands in the Enterprise Gateway service. The code can...

10CVSS6.4AI score0.0086EPSS
Exploits0References5
OSV
OSV
added 2 days ago6 views

PYSEC-2026-291 Backpropagate: backprop ui --auth and backprop ui --share do not enforce authentication

Summary In backpropagate = 1.1.0, the optional Reflex web UI pip install backpropagateui, launched via backprop ui exposes a training control plane: dataset upload, model load, training start/stop, multi-run orchestration, GGUF export, and HuggingFace Hub push. The CLI accepts two operator-facing...

9.3CVSS6.1AI score0.00324EPSS
Exploits0References6
OSV
OSV
added 2 days ago5 views

PYSEC-2026-362 Jupyter Enterprise Gateway: Kubernetes Manifest Injection in Jinja2 Template Rendering

Summary The environment variables used during the rendering of the Kubernetes manifest allow YAML injection, enabling attackers to overwrite existing keys like securityContext and inject multi-document YAML to create additional unintended Kubernetes resources. Details The server interpolates...

10CVSS6.3AI score0.00062EPSS
Exploits0References5
OSV
OSV
added 2 days ago4 views

PYSEC-2026-363 Jupyter Enterprise Gateway: ContainerProcessProxy._enforce_prohibited_ids Bypass

Summary Jupyter Enterprise Gateway has a prohibited UID and GID feature that by default prevents launching kernels with UID or GID 0 root. This can be bypassed. It is possible to launch kernels with a prohibited UID and/or GID by using a specially crafted KERNELUID or KERNELGID value. The feature...

9.8CVSS6.2AI score0.00106EPSS
Exploits0References6
OSV
OSV
added 2 days ago5 views

PYSEC-2026-558 Unstructured has Path Traversal via Malicious MSG Attachment that Allows Arbitrary File Write

A Path Traversal vulnerability in the partitionmsg function allows an attacker to write or overwrite arbitrary files on the filesystem when processing malicious MSG files with attachments. Impact An attacker can craft a malicious .msg file with attachment filenames containing path traversal...

9.8CVSS8.1AI score0.00616EPSS
Exploits0References6
vulnersOsv
vulnersOsv
added 2 days ago1 views

01os (>=0.0.5 <=0.0.13), airbyte-source-azure-blob-storage (>=0.3.3 <=0.6.12) +94 more potentially affected by CVE-2025-64712 via unstructured (>=0.10.10 <=0.18.15)

unstructured PYPI version =0.10.10, =0.0.5, =0.3.3, =0.3.6, =0.0.8, =0.1.5, =0.2.0, =4.5.1, =1.0.0, =0.0.1, =0.1.6, =0.2.2, =0.1.0, =0.1.16 - biorxivist =0.2.1 and more Source cves: CVE-2025-64712 Source advisory: OSV:PYSEC-2026-558...

9.8CVSS7.5AI score0.00616EPSS
Exploits0
OSV
OSV
added 2 days ago5 views

PYSEC-2026-421 MLflow Use of Default Password Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the basicauth.ini file. The file contains hard-coded default credentials. An attacker can leverage...

9.8CVSS7.7AI score0.00968EPSS
Exploits0References8
OSV
OSV
added 2 days ago5 views

PYSEC-2026-301 Bugsink is vulnerable to Stored XSS via Pygments fallback in stacktrace rendering

Summary An unauthenticated attacker who can submit events to a Bugsink project can store arbitrary JavaScript in an event. The payload executes only if a user explicitly views the affected Stacktrace in the web UI. Details When Pygments returns more lines than it was given a known upstream quirk...

9.3CVSS6AI score0.00286EPSS
Exploits1References7
OSV
OSV
added 2 days ago5 views

PYSEC-2026-531 Semantic Kernel has Arbitrary File Write via AI Agent Function Calling in .NET SDK

Impact What kind of vulnerability is it? Who is impacted? An Arbitrary File Write vulnerability has been identified in Microsoft's Semantic Kernel .NET SDK, specifically within the SessionsPythonPlugin. Developers who have built applications which include Microsoft's Semantic Kernel .NET SDK and...

9.9CVSS5.8AI score0.0195EPSS
Exploits0References7
OSV
OSV
added 2 days ago4 views

PYSEC-2026-376 Langflow has Remote Code Execution in CSV Agent

Summary The CSV Agent node in Langflow hardcodes allowdangerouscode=True, which automatically exposes LangChain’s Python REPL tool pythonreplast. As a result, an attacker can execute arbitrary Python and OS commands on the server via prompt injection, leading to full Remote Code Execution RCE...

9.8CVSS7.7AI score0.33694EPSS
Exploits3References6
OSV
OSV
added 2 days ago4 views

PYSEC-2026-564 OpenStack Vitrage: Unauthorized Access to the Host can Lead to Eval Injection

In the query parser in OpenStack Vitrage before 12.0.1, 13.0.0, 14.0.0, and 15.0.0, a user allowed to access the Vitrage API may trigger code execution on the Vitrage service host as the user the Vitrage service runs under. This may result in unauthorized access to the host and further compromise...

9.1CVSS7.7AI score0.00763EPSS
Exploits2References8
OSV
OSV
added 2 days ago5 views

PYSEC-2026-565 vLLM has RCE In Video Processing

Summary A chain of vulnerabilities in vLLM allow Remote Code Execution RCE: 1. Info Leak - PIL error messages expose memory addresses, bypassing ASLR 2. Heap Overflow - JPEG2000 decoder in OpenCV/FFmpeg has a heap overflow that lets us hijack code execution Result: Send a malicious video URL to...

9.8CVSS7.4AI score0.03816EPSS
Exploits0References8
OSV
OSV
added 2 days ago4 views

PYSEC-2026-439 ormar is vulnerable to SQL Injection through aggregate functions min() and max()

Report of SQL Injection Vulnerability in Ormar ORM A SQL Injection attack can be achieved by passing a crafted string to the min or max aggregate functions. Brief description When performing aggregate queries, Ormar ORM constructs SQL expressions by passing user-supplied column names directly int...

9.8CVSS7.8AI score0.00915EPSS
Exploits2References7
OSV
OSV
added 2 days ago4 views

PYSEC-2026-341 Flask-Reuploaded vulnerable to Remote Code Execution via Server-Side Template Injection

Impact A critical path traversal and extension bypass vulnerability in Flask-Reuploaded allows remote attackers to achieve arbitrary file write and remote code execution through Server-Side Template Injection SSTI. Patches Flask-Reuploaded has been patched in version 1.5.0 Workarounds 1. Do not...

9.8CVSS6.5AI score0.01046EPSS
Exploits1References7
OSV
OSV
added 2 days ago4 views

PYSEC-2026-303 CAI find_file Agent Tool has Command Injection Vulnerability Through Argument Injection

Summary The CAI Cybersecurity AI framework contains multiple argument injection vulnerabilities in its function tools. User-controlled input is passed directly to shell commands via subprocess.Popen with shell=True, allowing attackers to execute arbitrary commands on the host system. Vulnerable...

9.6CVSS6.2AI score0.008EPSS
Exploits3References7
OSV
OSV
added 2 days ago4 views

PYSEC-2026-289 Azure AI Language Authoring Elevation of Privilege Vulnerability can Lead to RCE

Deserialization of untrusted data in the Azure AI Language Conversations Authoring client library for Python allows an unauthorized attacker to execute code over a network...

9.8CVSS5.9AI score0.02344EPSS
Exploits0References5
OSV
OSV
added 2 days ago6 views

PYSEC-2026-551 terminal-controller-mcp vulnerable to Command Injection

A command injection vulnerability in the executecommand function of terminal-controller-mcp 0.1.7 allows attackers to execute arbitrary commands via a crafted input...

10CVSS6.1AI score0.01891EPSS
Exploits1References6
OSV
OSV
added 2 days ago6 views

PYSEC-2026-353 H2O has an External Control of File Name or Path vulnerability

A vulnerability in h2oai/h2o-3 version 3.46.0.1 allows remote attackers to write arbitrary data to any file on the server. This is achieved by exploiting the /3/Parse endpoint to inject attacker-controlled data as the header of an empty file, which is then exported using the...

9.1CVSS8AI score0.00629EPSS
Exploits0References5
OSV
OSV
added 2 days ago4 views

PYSEC-2026-383 Langroid has WAF Bypass Leading to RCE in TableChatAgent

Affected Scope langroid = 0.59.31 Vulnerability Description CVE-2025-46724 fix bypass: TableChatAgent can call pandaseval tool to evaluate the expression. There is a WAF in langroid/utils/pandasutils.py introduced to block code injection CVE-2025-46724. However it can be bypassed due to literalok...

9.4CVSS7AI score0.00648EPSS
Exploits1References7
Rows per page
Query Builder