149 matches found
PYSEC-2026-383 Langroid has WAF Bypass Leading to RCE in TableChatAgent
Affected Scope langroid = 0.59.31 Vulnerability Description CVE-2025-46724 fix bypass: TableChatAgent can call pandaseval tool to evaluate the expression. There is a WAF in langroid/utils/pandasutils.py introduced to block code injection CVE-2025-46724. However it can be bypassed due to literalok...
PYSEC-2026-446 Code execution in pandasai
GenerateSDFPipeline in syntheticdataframe in PandasAI aka pandas-ai through 1.5.17 allows attackers to trigger the generation of arbitrary Python code that is executed by SDFCodeExecutor. An attacker can create a dataframe that provides an English language specification of this Python code. NOTE:...
PYSEC-2026-381 Langroid has a Code Injection vulnerability in TableChatAgent
Summary TableChatAgent uses pandas eval. If fed by untrusted user input, like the case of a public-facing LLM application, it may be vulnerable to code injection. PoC For example, one could prompt the Agent: Evaluate the following pandas expression on the data provided and print output:...
CVE-2026-41137
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, The CSVAgent allows providing a custom Pandas CSV read code. Due to lack of sanitization, an attacker can provide a command injection payload that will get interpolated and executed by the...
Malicious code in pandas-data (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 34c3e3d51b95102fd72f00c2b6c4bce7e34a801326dfbe7557f2d4346ed37508 Package installs persistent malware acting as Rat, with the focus of stealing data and modifying copied cryptowallet addresses. --- Category: MALICIOUS - The...
MAL-2026-3661 Malicious code in pandas-data (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 34c3e3d51b95102fd72f00c2b6c4bce7e34a801326dfbe7557f2d4346ed37508 Package installs persistent malware acting as Rat, with the focus of stealing data and modifying copied cryptowallet addresses. --- Category: MALICIOUS - The...
GHSA-WCR3-GM9F-F87Q Ludwig framework is vulnerable to insecure deserialization through its predict() method.
The Ludwig framework thru 0.10.4 is vulnerable to insecure deserialization CWE-502 through its predict method. When a user provides a dataset file path to the predict method, the framework automatically determines the file format. If the file is a pickle .pkl file, it is loaded using...
CVE-2026-41138
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, there is a remote code execution vulnerability in AirtableAgent.ts caused by lack of input verification when using Pandas. The user’s input is directly applied to the question parameter within...
CVE-2026-41138
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, there is a remote code execution vulnerability in AirtableAgent.ts caused by lack of input verification when using Pandas. The user’s input is directly applied to the question parameter within...
EUVD-2026-25277
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, The CSVAgent allows providing a custom Pandas CSV read code. Due to lack of sanitization, an attacker can provide a command injection payload that will get interpolated and executed by the...
CVE-2026-41137
Flowise CVE-2026-41137 affects the Flowise UI stack, specifically the CSVAgent component, which allows providing a custom Pandas CSV read code. The lack of sanitization enables a command-injection payload to be interpolated and executed by the server. This is documented across multiple sources, w...
CVE-2026-41138 Flowise: Remote code execution vulnerability in AirtableAgent.ts caused by lack of input verification when using Pandas.
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, there is a remote code execution vulnerability in AirtableAgent.ts caused by lack of input verification when using Pandas. The user’s input is directly applied to the question parameter within...
CVE-2026-41138
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, there is a remote code execution vulnerability in AirtableAgent.ts caused by lack of input verification when using Pandas. The user’s input is directly applied to the question parameter within...
EUVD-2026-25278
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, there is a remote code execution vulnerability in AirtableAgent.ts caused by lack of input verification when using Pandas. The user’s input is directly applied to the question parameter within...
CVE-2026-41138 Flowise: Remote code execution vulnerability in AirtableAgent.ts caused by lack of input verification when using Pandas.
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, there is a remote code execution vulnerability in AirtableAgent.ts caused by lack of input verification when using Pandas. The user’s input is directly applied to the question parameter within...
CVE-2026-41138
Summary (CVE-2026-41138): Flowise Flowise 3.x contains a remote code execution vulnerability in the Airtable_Agent path (AirtableAgent.ts) due to lack of input verification when using Pandas. User input is injected into the prompt’s question parameter and reflected into Python code without saniti...
Flowise 代码注入漏洞
Flowise is an open-source tool developed by FlowiseAI, designed for easily building LLM applications. Prior to Flowise 3.1.0, there was a code injection vulnerability. This vulnerability stemmed from the CSVAgent component, which allowed the provision of custom Pandas CSV reading code. Lack of...
PT-2026-34730
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, there is a remote code execution vulnerability in AirtableAgent.ts caused by lack of input verification when using Pandas. The user’s input is directly applied to the question parameter within...
dagster-snowflake-pandas (>=0.17.3 <=0.29.0), dagster-snowflake-polars (>=0.27.2 <=0.29.0) +2 more potentially affected by CVE-2026-41490 via dagster-snowflake (>=0.17.21 <=0.29.0)
dagster-snowflake PYPI version =0.17.21, =0.17.3, =0.27.2, =0.17.21, =1.0.0, =1.1.0 Source cves: CVE-2026-41490 Source advisory: SNYK:PYTHON-DAGSTERSNOWFLAKE-16109579...
dagster-gcp-pandas (>=0.17.21 <=0.29.0), dagster-gcp-pyspark (>=0.17.21 <=0.29.0) +1 more potentially affected by CVE-2026-41490 via dagster-gcp (>=0.17.21 <=0.29.0)
dagster-gcp PYPI version =0.17.21, =0.17.21, =0.17.21, =0.1.0, =0.1.6 Source cves: CVE-2026-41490 Source advisory: SNYK:PYTHON-DAGSTERGCP-16109578...