2 matches found
EUVD-2026-28646
Password Pusher is an open source application to communicate sensitive information over the web. Prior to versions 1.69.3 and 2.4.2, a security issue in OSS PasswordPusher allowed unauthenticated creation of file-type pushes through a generic JSON API create path under certain configurations. Thi...
CVE-2026-42076
CVE-2026-42076 affects Evolver, a GEP-powered self-evolving engine for AI agents. A command injection flaw exists in the _extractLLM() function prior to version 1.69.3: the code builds a curl command via string concatenation and passes it to execSync() without proper sanitization, enabling remote...