CVE-2026-39413 LightRAG has a JWT Algorithm Confusion Vulnerability in LightRAG API

LightRAG provides simple and fast retrieval-augmented generation. Prior to 1.4.14, the LightRAG API is vulnerable to a JWT algorithm confusion attack where an attacker can forge tokens by specifying 'alg': 'none' in the JWT header. Since the jwt.decode call does not explicitly deny the 'none'...

CVE-2026-39413 LightRAG has a JWT Algorithm Confusion Vulnerability in LightRAG API

LightRAG provides simple and fast retrieval-augmented generation. Prior to 1.4.14, the LightRAG API is vulnerable to a JWT algorithm confusion attack where an attacker can forge tokens by specifying 'alg': 'none' in the JWT header. Since the jwt.decode call does not explicitly deny the 'none'...

CVE-2026-20709

Use of Default Cryptographic Key in the hardware for some IntelR PentiumR Processor Silver Series, IntelR CeleronR Processor J Series, IntelR CeleronR Processor N Series may allow an escalation of privilege. Hardware reverse engineer adversary with a privileged user combined with a high complexit...

CVE-2026-35477 InvenTree has SSTI in PART_NAME_FORMAT bypasses CVE-2026-27629 fix via {% if part.pk %} sandbox escape

InvenTree is an Open Source Inventory Management System. From 1.2.3 to 1.2.6, the fix for CVE-2026-27629 upgraded the PARTNAMEFORMAT validator to use jinja2.sandbox.SandboxedEnvironment. However, the actual renderer in part/helpers.py was not updated and still uses the non-sandboxed...

CVE-2026-35477 InvenTree has SSTI in PART_NAME_FORMAT bypasses CVE-2026-27629 fix via {% if part.pk %} sandbox escape

InvenTree is an Open Source Inventory Management System. From 1.2.3 to 1.2.6, the fix for CVE-2026-27629 upgraded the PARTNAMEFORMAT validator to use jinja2.sandbox.SandboxedEnvironment. However, the actual renderer in part/helpers.py was not updated and still uses the non-sandboxed...

EUVD-2026-20588

InvenTree is an Open Source Inventory Management System. From 1.2.3 to 1.2.6, the fix for CVE-2026-27629 upgraded the PARTNAMEFORMAT validator to use jinja2.sandbox.SandboxedEnvironment. However, the actual renderer in part/helpers.py was not updated and still uses the non-sandboxed...

CVE-2026-35477

CVE-2026-35477 affects InvenTree (1.2.3–1.2.6) where the PART_NAME_FORMAT validator used jinja2.sandbox.SandboxedEnvironment, but the actual renderer in part/helpers.py still used non-sandboxed jinja2.Environment. The validator also used a dummy Part with pk=None, creating a mismatch between vali...

GHSA-QF73-2HRX-XPRP PraisonAI has sandbox escape via exception frame traversal in `execute_code` (subprocess mode)

Summary executecode in praisonaiagents.tools.pythontools defaults to sandboxmode="sandbox", which runs user code in a subprocess wrapped with a restricted builtins dict and an AST-based blocklist. The AST blocklist embedded inside the subprocess wrapper blockedattrs, line 143 of pythontools.py...

PraisonAI has sandbox escape via exception frame traversal in `execute_code` (subprocess mode)

Summary executecode in praisonaiagents.tools.pythontools defaults to sandboxmode="sandbox", which runs user code in a subprocess wrapped with a restricted builtins dict and an AST-based blocklist. The AST blocklist embedded inside the subprocess wrapper blockedattrs, line 143 of pythontools.py...

K000160680: Node.js vulnerability CVE-2026-21636

Security Advisory Description A flaw in Node.js's permission model allows Unix Domain Socket UDS connections to bypass network restrictions when --permission is enabled. Even without --allow-net, attacker-controlled inputs such as URLs or socketPath options can connect to arbitrary local sockets...

CVE-2026-20709

Use of Default Cryptographic Key in the hardware for some IntelR PentiumR Processor Silver Series, IntelR CeleronR Processor J Series, IntelR CeleronR Processor N Series may allow an escalation of privilege. Hardware reverse engineer adversary with a privileged user combined with a high complexit...

CVE-2026-20709

Use of Default Cryptographic Key in the hardware for some IntelR PentiumR Processor Silver Series, IntelR CeleronR Processor J Series, IntelR CeleronR Processor N Series may allow an escalation of privilege. Hardware reverse engineer adversary with a privileged user combined with a high complexit...

CVE-2026-20709

This CVE (CVE-2026-20709) concerns the use of a default cryptographic key embedded in hardware on select Intel processors (Pentium Silver, Celeron J/N series). The root cause is a default key in hardware that could be exploited by a hardware reverse engineer with privileged access and high attack...

Security Bulletin: IBM DataPower Gateway vulnerable to Denial of Service due to use of Bytes (CVE-2026-25541)

Summary IBM DataPower Gateway uses Bytes in the 'Gateway Peering' feature, and in 10.6.0 and 10.6CD only the 'GitOps' feature. Vulnerability Details CVEID:CVE-2026-25541 DESCRIPTION: Bytes is a utility library for working with bytes. From version 1.2.1 to before 1.11.1, Bytes is vulnerable to...

Security Bulletin: EDB PGAI Databases is affected by Multiple Vulnerabilities.

Summary Multiple Vulnerabilities found in EDB PGAI Databases 18.0. It has been addressed in 18.2. Hence, IBM strongly recommends upgrading to 18.2. Vulnerability Details CVEID:CVE-2024-25260 DESCRIPTION: elfutils v0.189 was discovered to contain a NULL pointer dereference via the handleverdef...

K000160663: Moby vulnerability CVE-2025-54410

Security Advisory Description Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads...

GHSA-H9MW-H4QC-F5JF kubernetes-graphql-gateway: GraphQL Endpoint Vulnerable to Authenticated Denial-of-Service via Unrestricted Query Execution

CVSS 6.5 Medium — The GraphQL API served by kubernetes-graphql-gateway is vulnerable to Denial-of-Service DoS attacks due to a complete absence of query resource controls depth limiting, complexity analysis, response size capping, and rate limiting. An authenticated attacker can craft queries tha...

kubernetes-graphql-gateway: GraphQL Endpoint Vulnerable to Authenticated Denial-of-Service via Unrestricted Query Execution

CVSS 6.5 Medium — The GraphQL API served by kubernetes-graphql-gateway is vulnerable to Denial-of-Service DoS attacks due to a complete absence of query resource controls depth limiting, complexity analysis, response size capping, and rate limiting. An authenticated attacker can craft queries tha...

GHSA-3XXC-PWJ6-JGRJ rfc3161-client Has Improper Certificate Validation

Summary An Authorization Bypass vulnerability in rfc3161-client's signature verification allows any attacker to impersonate a trusted TimeStamping Authority TSA. By exploiting a logic flaw in how the library extracts the leaf certificate from an unordered PKCS7 bag of certificates, an attacker ca...

rfc3161-client Has Improper Certificate Validation

Summary An Authorization Bypass vulnerability in rfc3161-client's signature verification allows any attacker to impersonate a trusted TimeStamping Authority TSA. By exploiting a logic flaw in how the library extracts the leaf certificate from an unordered PKCS7 bag of certificates, an attacker ca...