PT-2026-43417

A weakness has been identified in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This impacts an unknown function of the file /index.php of the component SQL Handler. Executing a manipulation can lead to information exposure through error message. The attack may be...

CVE-2026-5971

A flaw has been found in FoundationAgents MetaGPT up to 0.8.1. This vulnerability affects the function ActionNode.xmlfill of the file metagpt/actions/actionnode.py of the component XML Handler. Executing a manipulation can lead to improper neutralization of directives in dynamically evaluated cod...

CVE-2026-5971

A flaw has been found in FoundationAgents MetaGPT up to 0.8.1. This vulnerability affects the function ActionNode.xmlfill of the file metagpt/actions/actionnode.py of the component XML Handler. Executing a manipulation can lead to improper neutralization of directives in dynamically evaluated cod...

CVE-2026-5971

FoundationAgents MetaGPT up to 0.8.1 is affected. The vulnerability lies in ActionNode.xml_fill within metagpt/actions/action_node.py (XML Handler). It enables remote exploitation through manipulation of dynamically evaluated code, with reports that an exploit has been published. Multiple sources...

Planet ICG-2510 安全漏洞

Planet ICG-2510 is an IoT cellular gateway developed by Planet Company in Taiwan, China. The version 1.020250811 of Planet ICG-2510 contains a security vulnerability. This vulnerability stems from incorrect handling of the parameter “Language” in the function sub40C8E4 within the file...

EUVD-2023-3115

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2020-35450

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Gobby 0.4.11 allows a NULL pointer dereference in the D-Bus handler for certain setlanguage calls. CVE-2020-35450 Note that Nessus relies on the presence of the...

Code Injection

ShifuM is vulnerable to Code Injection. The vulnerability is due to improper handling of the FilterExpression argument within the Java Expression Language Handler in the src/main/java/ml/shifu/shifu/core/DataPurifier.java file. This issue can be exploited by an attacker by manipulating the...

ShifuML shifu code injection vulnerability

A vulnerability has been found in ShifuML shifu 0.12.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file src/main/java/ml/shifu/shifu/core/DataPurifier.java of the component Java Expression Language Handler. The manipulation of the argument...

CVE-2023-7148

A vulnerability has been found in ShifuML shifu 0.12.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file src/main/java/ml/shifu/shifu/core/DataPurifier.java of the component Java Expression Language Handler. The manipulation of the argument...

Code injection

A vulnerability has been found in ShifuML shifu 0.12.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file src/main/java/ml/shifu/shifu/core/DataPurifier.java of the component Java Expression Language Handler. The manipulation of the argument...

CVE-2023-7148

Summary of CVE-2023-7148 (ShifuML Shifu 0.12.0) : The vulnerability affects the Java Expression Language Handler, specifically the file src/main/java/ml/shifu/shifu/core/DataPurifier.java, where manipulation of the FilterExpression argument enables code injection. This can be exploited remotely; ...