Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:13 p.m.8 views

CVE-2026-40154

PraisonAI is a multi-agent teams system. Prior to 4.5.128, PraisonAI treats remotely fetched template files as trusted executable code without integrity verification, origin validation, or user confirmation, enabling supply chain attacks through malicious templates. This vulnerability is fixed in...

9.6CVSS5.5AI score0.00304EPSS
Exploits1References1
EUVD
EUVD
added 2025/11/24 12:0 a.m.4 views

EUVD-2025-198965

The update mechanism in Xtooltech Xtool AnyScan Android Application 4.40.40 and prior is insecure. The application downloads and extracts update packages containing executable code without performing a cryptographic integrity or authenticity check on their contents. An attacker who can control th...

8.8CVSS7.3AI score0.00269EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/10/10 12:0 a.m.4 views

PT-2025-41535

Name of the Vulnerable Software and Affected Versions HCL MyXalytics version 6.6 Description The software contains a flaw related to the inclusion of functionality from an untrusted control sphere. Specifically, the application allows loading third-party scripts without proper integrity checks or...

3.1CVSS6.6AI score0.00175EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2019/09/02 12:0 a.m.5 views

The vulnerability of the Smart Tunnel component of the microprogramming software for Cisco Adaptive Security Appliance allows a attacker to load a malicious executable file.

The vulnerability of the Smart Tunnel component of the Cisco Adaptive Security Appliance microprogramming firewall software is related to the lack of checks for the integrity of system files. Exploiting this vulnerability could allow a attacker to load a malicious executable file...

6.7CVSS5.5AI score0.00298EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder