Lucene search
K

5 matches found

EUVD
EUVD
•added last week•8 views

EUVD-2026-41516

Puppet resourceapi shipped in Puppet Core 8.x and Puppet Enterprise 2023.8.x and 2025.x does not preserve the sensitive flag on parameters defined via the resource-api, causing values such as passwords to be stored in cleartext in the agent's local transaction state cache. Affected versions of th...

6.7CVSS5.9AI score0.00082EPSS
Exploits0References1
Cvelist
Cvelist
•added last week•43 views

CVE-2026-8804 Cleartext Storage of Sensitive Information for Puppet Resource API

Puppet resourceapi shipped in Puppet Core 8.x and Puppet Enterprise 2023.8.x and 2025.x does not preserve the sensitive flag on parameters defined via the resource-api, causing values such as passwords to be stored in cleartext in the agent's local transaction state cache. Affected versions of th...

6.7CVSS0.00082EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/06/23 4:28 p.m.•5 views

CVE-2026-55255 Langflow: IDOR Vulnerability in `/api/v1/responses` Endpoint Allows Authenticated Attackers to Access Another User's Flow

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, an Insecure Direct Object Reference IDOR vulnerability in /api/v1/responses endpoint allows an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in...

8.4CVSS6.2AI score0.00467EPSS
Exploits2References3
RedhatCVE
RedhatCVE
•added 2026/04/14 1:22 a.m.•4 views

CVE-2026-39981

AGiXT is a dynamic AI Agent Automation Platform. Prior to 1.9.2, the safejoin function in the essentialabilities extension fails to validate that resolved file paths remain within the designated agent workspace. An authenticated attacker can use directory traversal sequences to read, write, or...

8.8CVSS5.9AI score0.01318EPSS
Exploits1References1
Patchstack
Patchstack
•added 2025/08/22 1:52 p.m.•8 views

WordPress Fluent Support Plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Bao BlueRock in WordPress Plugin Fluent Support versions = 1.9.1...

4.3CVSS6.6AI score0.00119EPSS
Exploits0Affected Software1
Rows per page
Query Builder