728 matches found

Nuclei (added yesterday, 15 views)

Langflow < 1.3.0 - Remote Code Execution via validate_code() exec()

Langflow contains a remote code execution vulnerability caused by inclusion of functionality from an untrusted control sphere in the exec_globals parameter of the validate endpoint, letting remote attackers execute arbitrary code as root; the exploit requires no authentication. id: CVE-2026-0770 info: name: Langflow...

CVSS 9.8 | AI score 8.1 | EPSS 0.14653
Exploits: 8 | References: 3

Vulnrichment (added 6 days ago, 6 views)

CVE-2018-25393 Navigate CMS 2.8.5 Path Traversal via navigate_download.php

Navigate CMS 2.8.5 contains a path traversal vulnerability that allows authenticated users to download arbitrary files by injecting directory traversal sequences in the id parameter. Attackers can send GET requests to navigate_download.php with path traversal payloads such as ../../../cfg/globals.php to...

CVSS 7.1 | AI score 5.9 | EPSS 0.00148
Exploits: 0 | References: 4

EUVD (added 6 days ago, 4 views)

EUVD-2018-21915

Navigate CMS 2.8.5 contains a path traversal vulnerability that allows authenticated users to download arbitrary files by injecting directory traversal sequences in the id parameter. Attackers can send GET requests to navigate_download.php with path traversal payloads such as ../../../cfg/globals.php to...

CVSS 7.1 | AI score 5.9 | EPSS 0.00148
Exploits: 0 | References: 4

Exploit DB (added 6 days ago, 40 views)

Langflow 1.3.0 - Remote Code Execution

Exploit Title: Langflow 1.3.0 - Remote Code Execution. Fofa-dork: title="Langflow". Shodan-dork: title:"Langflow". Date: 23-05-2026. Exploit Author: Diamorphine. Vendor Homepage: https://www.langflow.org/. Software Link: https://github.com/langflow-ai/langflow. Version: 1.2.0. Tested on: Debian. CVE:...

CVSS 9.8 | AI score 7.3 | EPSS 0.14653
Exploits: 8

Github Security Blog (added 2026/05/11 1:59 p.m., 4 views)

PraisonAI has unsafe tool resolution in `ToolExecutionMixin.execute_tool`: undeclared `__main__` callables execute

Summary: praisonaiagents resolves unresolved tool names against module globals and `__main__` after it fails to match the declared tool list and the registry. With the default agent configuration, permallow is None, so undeclared non-dangerous tool names are not rejected by the permission gate. An...

CVSS 8.6 | AI score 6 | EPSS 0.00037
Exploits: 1 | References: 3 | Affected software: 2

OSV (added 2026/04/28 9:54 a.m., 2 views)

CLSA-2026-1777370059 wireshark: Fix of 7 CVEs

- CVE-2021-4181: sysdig event dissector SIGSEGV fix
- CVE-2021-4182: rfc7468 file parser infinite loop fix
- CVE-2021-4184: bt-dht endless loop fix
- CVE-2021-4186: gryphon NULL pktinfo dereference fix
- CVE-2021-4190: kafka dissector varint strictness fix
- CVE-2022-0581: cms dissector...

CVSS 7.5 | AI score 7.4 | EPSS 0.00324
Exploits: 7 | References: 1

CVE (added 2026/04/07 5:22 a.m., 13 views)

CVE-2026-1839

CVE-2026-1839 concerns the HuggingFace Transformers library, affecting the Trainer class. The root cause is an unsafe load in src/transformers/trainer.py: _load_rng_state() calls torch.load() without weights_only=True, which can allow arbitrary code execution when loading a malicious checkpoint (...

CVSS 7.8 | AI score 7 | EPSS 0.00023
Exploits: 1 | References: 2 | Affected software: 1

Vulnrichment (added 2026/04/06 3:9 p.m., 0 views)

CVE-2026-34208 SandboxJS: Sandbox integrity escape

SandboxJS is a JavaScript sandboxing library. Prior to 0.8.36, SandboxJS blocks direct assignment to global objects (for example Math.random = ...), but this protection can be bypassed through an exposed callable constructor path: this.constructor.call(target, attackerObject). Because this.constructo...

CVSS 10 | AI score 6.1 | EPSS 0.00268
Exploits: 1 | References: 1

CVE (added 2026/04/06 3:9 p.m., 11 views)

CVE-2026-34208

CVE-2026-34208 (SandboxJS) affects SandboxJS versions prior to 0.8.36. The vulnerability arises because an exposed constructor path (this.constructor.call(target, attackerObject)) can bypass the global-write protection and cause host global objects to be mutated by attacker-controlled payloads. T...

CVSS 10 | AI score 6.1 | EPSS 0.00268
Exploits: 1 | References: 1 | Affected software: 1

OSV (added 2026/04/03 9:44 p.m., 0 views)

GHSA-2GG9-6P7W-6CPJ SandboxJS: Sandbox integrity escape

Summary: SandboxJS blocks direct assignment to global objects (for example Math.random = ...), but this protection can be bypassed through an exposed callable constructor path: this.constructor.call(target, attackerObject). Because this.constructor resolves to the internal SandboxGlobal function and...

CVSS 10 | AI score 6.2 | EPSS 0.00268
Exploits: 1 | References: 3

Positive Technologies (added 2026/04/03 12:0 a.m., 1 view)

PT-2026-30272

Name of the Vulnerable Software and Affected Versions: SandboxJS versions prior to 0.8.35. Description: SandboxJS has a flaw where direct assignment to global objects is blocked, but this protection can be bypassed through a callable constructor path using this.constructor.call(target, attackerObject)...

CVSS 10 | AI score 6.2 | EPSS 0.00268
Exploits: 1 | References: 13

OSV (added 2026/03/16 12:0 a.m., 4 views)

MAL-2026-1513 Malicious code in vitest-globals (npm)

The package 'vitest-globals' is part of the PhantomRaven supply chain attack campaign, Wave 2. It uses a Remote Dynamic Dependency (RDD) technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server, npm.jpartifacts.co...

AI score 5.6
Exploits: 0 | References: 3

OSSF Malicious Packages (added 2026/03/16 12:0 a.m., 1 view)

Malicious code in vitest-globals (npm)

The package 'vitest-globals' is part of the PhantomRaven supply chain attack campaign, Wave 2. It uses a Remote Dynamic Dependency (RDD) technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server, npm.jpartifacts.co...

AI score 5.5
Exploits: 0 | References: 3

Snyk (added 2026/03/03 8:4 p.m., 1 view)

Permissive List of Allowed Inputs

Overview: picklescan is a security scanner detecting Python Pickle files performing suspicious actions. Affected versions of this package are vulnerable to Permissive List of Allowed Inputs in the unsafeglobals function, which does not block the pkgutil.resolve_name Python stdlib function. An attacker can...

CVSS 10 | AI score 6.1
Exploits: 0 | References: 2

Snyk (added 2026/03/03 8:3 p.m., 5 views)

Incomplete List of Disallowed Inputs

Overview: picklescan is a security scanner detecting Python Pickle files performing suspicious actions. Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs in the unsafeglobals function. An attacker can execute arbitrary code by crafting a malicious pickle that...

CVSS 10 | AI score 6.4
Exploits: 0 | References: 2

Snyk (added 2026/01/23 5:8 a.m., 5 views)

Unsafe Dependency Resolution

Overview: lfx is a command-line tool for running Langflow workflows. It provides two main commands: serve and run. Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the exec_globals parameter in the validate endpoint. An attacker can execute arbitrary cod...

CVSS 9.8 | AI score 8.9 | EPSS 0.14653
Exploits: 8 | References: 2

OSV (added 2026/01/23 4:16 a.m., 3 views)

CVE-2026-0770

Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific...

CVSS 9.8 | AI score 6.6
Exploits: 0 | References: 1

NVD (added 2026/01/23 4:16 a.m., 5 views)

CVE-2026-0770

Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific...

CVSS 9.8 | EPSS 0.14653
Exploits: 8 | References: 1

Vulnrichment (added 2026/01/23 3:28 a.m., 2 views)

CVE-2026-0770 Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability

Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific...

CVSS 9.8 | AI score 6.5 | EPSS 0.14653
Exploits: 8 | References: 1

CNNVD (added 2026/01/23 12:0 a.m., 1 view)

Langflow security vulnerabilities

Langflow is an open-source visualization framework developed by Langflow for building multi-agent and RAG applications. Langflow has a security vulnerability that stems from processing the exec_globals parameter, which includes resources from untrusted control ranges, potentially leading to remote...

CVSS 9.8 | AI score 7.6 | EPSS 0.14653
Exploits: 8 | References: 1