2 matches found
CVE-2026-40156 PraisonAI Affected by Implicit Execution of Arbitrary Code via Automatic `tools.py` Loading
PraisonAI is a multi-agent teams system. Prior to 4.5.128, PraisonAI automatically loads a file named tools.py from the current working directory to discover and register custom agent tools. This loading process uses importlib.util.specfromfilelocation and immediately executes module-level code v...
CVE-2019-3648 Implicit loading of DLLs
A Privilege Escalation vulnerability in the Microsoft Windows client in McAfee Total Protection 16.0.R22 and earlier allows administrators to execute arbitrary code via carefully placing malicious files in specific locations protected by administrator permission...