42 matches found
CVE-2026-49487 Apache Airflow: Task-instance API exposes secrets in deferred trigger kwargs
In Apache Airflow before 3.3.0, the REST API task-instance detail and list endpoints returned a deferred task's trigger kwargs without masking. When a deferred operator passed a secret for example a provider API key into its trigger, any authenticated user with DAG-scoped task-instance read acces...
CVE-2026-49487
Apache Airflow prior to 3.3.0 exposes secrets in clear text via the REST API. Specifically, the task-instance detail and list endpoints leak a deferred task’s trigger kwargs, so if a deferred operator passes a secret (e.g., a provider API key) into its trigger, any authenticated user with DAG-sco...
EUVD-2026-42029
In Apache Airflow before 3.3.0, the REST API task-instance detail and list endpoints returned a deferred task's trigger kwargs without masking. When a deferred operator passed a secret for example a provider API key into its trigger, any authenticated user with DAG-scoped task-instance read acces...
PT-2026-56180
Name of the Vulnerable Software and Affected Versions Apache Airflow versions prior to 3.3.0 Description The REST API task-instance detail and list endpoints return a deferred task's trigger kwargs without masking. This allows any authenticated user with DAG-scoped task-instance read access to vi...
CVE-2026-11466
A weakness has been identified in zilliztech deep-searcher up to 0.0.2. This affects the function CollectionRouter.invoke of the file deepsearcher/agent/collectionrouter.py. This manipulation of the argument kwargs causes improper access controls. Remote exploitation of the attack is possible. Th...
CVE-2026-11466
A weakness has been identified in zilliztech deep-searcher up to 0.0.2. This affects the function CollectionRouter.invoke of the file deepsearcher/agent/collectionrouter.py. This manipulation of the argument kwargs causes improper access controls. Remote exploitation of the attack is possible. Th...
CVE-2026-11466 zilliztech deep-searcher collection_router.py CollectionRouter.invoke access control
A weakness has been identified in zilliztech deep-searcher up to 0.0.2. This affects the function CollectionRouter.invoke of the file deepsearcher/agent/collectionrouter.py. This manipulation of the argument kwargs causes improper access controls. Remote exploitation of the attack is possible. Th...
CVE-2026-11466 zilliztech deep-searcher collection_router.py CollectionRouter.invoke access control
A weakness has been identified in zilliztech deep-searcher up to 0.0.2. This affects the function CollectionRouter.invoke of the file deepsearcher/agent/collectionrouter.py. This manipulation of the argument kwargs causes improper access controls. Remote exploitation of the attack is possible. Th...
PT-2026-47197
Name of the Vulnerable Software and Affected Versions zilliztech deep-searcher versions prior to 0.0.3 Description Improper access controls in the CollectionRouter.invoke function within the deepsearcher/agent/collection router.py file allow for remote exploitation. This issue is caused by the...
OESA-2026-2308 python-GitPython security update
GitPython is a python library used to interact with git repositories, high-level like git-porcelain, or low-level like git-plumbing. Security Fixes: Summary GitPython blocks dangerous Git options such as --upload-pack and --receive-pack by default, but the equivalent Python kwargs uploadpack and...
OESA-2026-2307 python-GitPython security update
GitPython is a python library used to interact with git repositories, high-level like git-porcelain, or low-level like git-plumbing. Security Fixes: Summary GitPython blocks dangerous Git options such as --upload-pack and --receive-pack by default, but the equivalent Python kwargs uploadpack and...
CVE-2026-42215 GitPython: Command injection via Git options bypass
GitPython is a python library used to interact with Git repositories. From version 3.1.30 to before version 3.1.47, GitPython blocks dangerous Git options such as --upload-pack and --receive-pack by default, but the equivalent Python kwargs uploadpack and receivepack bypass that check. If an...
CVE-2026-42215
GitPython is a python library used to interact with Git repositories. From version 3.1.30 to before version 3.1.47, GitPython blocks dangerous Git options such as --upload-pack and --receive-pack by default, but the equivalent Python kwargs uploadpack and receivepack bypass that check. If an...
EUVD-2026-28411
GitPython is a python library used to interact with Git repositories. From version 3.1.30 to before version 3.1.47, GitPython blocks dangerous Git options such as --upload-pack and --receive-pack by default, but the equivalent Python kwargs uploadpack and receivepack bypass that check. If an...
GitPython 操作系统命令注入漏洞
GitPython is a Python library developed by gitpython-developers, used for interacting with Git repositories. Versions of GitPython from 3.1.30 to 3.1.47 contained an operating system command injection vulnerability. This vulnerability stemmed from allowing dangerous Git options without proper...
Insertion of Sensitive Information into Log File
Overview langsmith is a Client library to connect to the LangSmith Observability and Evaluation Platform. Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File through the Client handling of events. An attacker can bypass redaction controls and...
(Pwn2Own) QNAP TS-453E server_handlers.pyc rr2s.kwargs Error Message Information Disclosure Vulnerability
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of QNAP TS-453E devices. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
CVE-2026-27953 ormar has a Pydantic Validation Bypass via Kwargs Injection in Model Constructor
ormar is a async mini ORM for Python. Versions 0.23.0 and below are vulnerable to Pydantic validation bypass through the model constructor, allowing any unauthenticated user to skip all field validation by injecting "pkonly": true into a JSON request body. By injecting "pkonly": true into a JSON...
CVE-2026-27953 ormar has a Pydantic Validation Bypass via Kwargs Injection in Model Constructor
ormar is a async mini ORM for Python. Versions 0.23.0 and below are vulnerable to Pydantic validation bypass through the model constructor, allowing any unauthenticated user to skip all field validation by injecting "pkonly": true into a JSON request body. By injecting "pkonly": true into a JSON...
CVE-2026-27953 ormar has a Pydantic Validation Bypass via Kwargs Injection in Model Constructor
ormar is a async mini ORM for Python. Versions 0.23.0 and below are vulnerable to Pydantic validation bypass through the model constructor, allowing any unauthenticated user to skip all field validation by injecting "pkonly": true into a JSON request body. By injecting "pkonly": true into a JSON...