Lucene search
+L

5 matches found

Snyk
Snyk
added 2026/04/18 12:46 a.m.2 views

Incomplete List of Disallowed Inputs

Overview flowise-components is a Flowiseai Components Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs in the run method of the AirtableAgents class, which evaluates LLM-generated Python scripts in a non-sandboxed environment. An attacker can execute...

9.8CVSS6.3AI score0.00464EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/04/01 5:3 p.m.7 views

CVE-2026-34172

Giskard is an open-source Python library for testing and evaluating agentic systems. Prior to versions 0.3.4 and 1.0.2b1, ChatWorkflow.chatmessage passes its string argument directly as a Jinja2 template source to a non-sandboxed Environment. A developer who passes user input to this method enabl...

8.8CVSS6.3AI score0.00611EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2026/03/27 10:17 p.m.10 views

Giskard Agents have Server-side template injection via ChatWorkflow.chat() using non-sandboxed Jinja2 Environment

Summary ChatWorkflow.chatmessage passes its string argument directly as a Jinja2 template source to a non-sandboxed Environment. A developer who passes user input to this method enables full remote code execution via Jinja2 class traversal. The method name chat and parameter name message naturall...

8.8CVSS6.5AI score0.00611EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/03/27 10:17 p.m.11 views

GHSA-FRV4-X25R-588M Giskard Agents have Server-side template injection via ChatWorkflow.chat() using non-sandboxed Jinja2 Environment

Summary ChatWorkflow.chatmessage passes its string argument directly as a Jinja2 template source to a non-sandboxed Environment. A developer who passes user input to this method enables full remote code execution via Jinja2 class traversal. The method name chat and parameter name message naturall...

7.7CVSS6.5AI score0.00611EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.5 views

PT-2026-28603

Name of the Vulnerable Software and Affected Versions Giskard versions prior to 0.3.4 Giskard versions prior to 1.0.2b1 Description Giskard, a Python library for testing agentic systems, contains a flaw where the ChatWorkflow.chat method directly uses a string argument as a Jinja2 template source...

8.8CVSS6.7AI score0.00611EPSS
Exploits1References11
Rows per page
Query Builder