Lucene search
K

6 matches found

NVD
NVD
added yesterday5 views

CVE-2026-60087

PraisonAI before 1.6.78 caches tool approval decisions by tool name only, allowing attackers to reuse initial approvals for subsequent calls with arbitrary arguments. Attackers can exploit this by obtaining approval for a benign operation and then executing dangerous file write operations with...

6.9CVSS
Exploits0References2
NVD
NVD
added 2026/06/18 11:16 p.m.15 views

CVE-2026-56074

PraisonAI before 1.5.128 caches tool approval decisions by tool name only, not by invocation arguments, allowing subsequent executecommand calls to bypass approval prompts. Attackers can exploit this by obtaining initial approval for a benign command, then silently exfiltrate API keys and...

6.8CVSS0.00116EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/18 10:12 p.m.9 views

CVE-2026-56074

PraisonAI before 1.5.128 caches tool approval decisions by tool name only, not by invocation arguments, allowing subsequent executecommand calls to bypass approval prompts. Attackers can exploit this by obtaining initial approval for a benign command, then silently exfiltrate API keys and...

6.8CVSS5.3AI score0.00116EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2022/10/20 10:18 a.m.4 views

OpenJDK: missing SNI caching in HTTP/2 (Networking, 8289366)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerabilit...

3.7CVSS7.3AI score0.01473EPSS
Exploits0References4
CNVD
CNVD
added 2021/06/03 12:0 a.m.5 views

Mozilla Firefox Information Disclosure Vulnerability (CNVD-2021-41087)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. An information disclosure vulnerability exists in Mozilla Firefox in version 89 and earlier versions, which stems from the fact that Firefox caches the last filename used to print a file. Firefox...

4.3CVSS5.7AI score0.00829EPSS
Exploits0References1
Prion
Prion
added 2007/01/23 12:28 a.m.12 views

Authentication flaw

The LazyUser class in the AuthenticationMiddleware for Django 0.95 does not properly cache the user name across requests, which allows remote authenticated users to gain the privileges of a different user...

6.5CVSS6.8AI score0.01188EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder