CVE-2026-5526

A security flaw has been discovered in Tenda 4G03 Pro up to 1.0/1.1/04.03.01.53/192.168.0.1. Affected by this vulnerability is an unknown functionality of the file /bin/httpd. The manipulation results in improper access controls. The attack may be performed from remote. The exploit has been...

CVE-2026-5601

A vulnerability was found in Acrel Electrical Prepaid Cloud Platform 1.0. This issue affects some unknown processing of the file /bin.rar of the component Backup File Handler. The manipulation results in information disclosure. The attack can be launched remotely. The exploit has been made public...

CVE-2026-5597

A flaw has been found in griptape-ai griptape 0.19.4. This affects an unknown part of the file griptape\tools\computer\tool.py of the component ComputerTool. Executing a manipulation of the argument filename can lead to path traversal. It is possible to launch the attack remotely. The exploit has...

CVE-2026-5601

A vulnerability was found in Acrel Electrical Prepaid Cloud Platform 1.0. This issue affects some unknown processing of the file /bin.rar of the component Backup File Handler. The manipulation results in information disclosure. The attack can be launched remotely. The exploit has been made public...

CVE-2026-5597

The CVE-2026-5597 entry concerns griptape-ai griptape v0.19.4. Affects the ComputerTool component (griptape\tools\computer\tool.py) where manipulation of the argument filename can cause a path traversal. It is possible to exploit remotely; the exploit has been published. Exploit maturity is repor...

CVE-2026-5597

A flaw has been found in griptape-ai griptape 0.19.4. This affects an unknown part of the file griptape\tools\computer\tool.py of the component ComputerTool. Executing a manipulation of the argument filename can lead to path traversal. It is possible to launch the attack remotely. The exploit has...

CVE-2026-5597 griptape-ai griptape ComputerTool tool.py path traversal

A flaw has been found in griptape-ai griptape 0.19.4. This affects an unknown part of the file griptape\tools\computer\tool.py of the component ComputerTool. Executing a manipulation of the argument filename can lead to path traversal. It is possible to launch the attack remotely. The exploit has...

CVE-2026-5597 griptape-ai griptape ComputerTool tool.py path traversal

A flaw has been found in griptape-ai griptape 0.19.4. This affects an unknown part of the file griptape\tools\computer\tool.py of the component ComputerTool. Executing a manipulation of the argument filename can lead to path traversal. It is possible to launch the attack remotely. The exploit has...

CVE-2026-5596 griptape-ai griptape SqlTool tool.py sql injection

A vulnerability was detected in griptape-ai griptape 0.19.4. Affected by this issue is some unknown functionality of the file griptape/tools/sql/tool.py of the component SqlTool. Performing a manipulation results in sql injection. It is possible to initiate the attack remotely. The exploit is now...

CVE-2026-5595 griptape-ai griptape FileManagerTool save_memory_artifacts_to_disk path traversal

A security vulnerability has been detected in griptape-ai griptape 0.19.4. Affected by this vulnerability is the function loadfilesfromdisk/listfilesfromdisk/savecontenttofile/savememoryartifactstodisk of the component FileManagerTool. Such manipulation leads to path traversal. The attack may be...

CVE-2026-5595

The CVE-2026-5595 entry affects griptape-ai griptape 0.19.4, specifically the FileManagerTool functions load_files_from_disk, list_files_from_disk, save_content_to_file, and save_memory_artifacts_to_disk, with a path traversal flaw. The issue can be exploited remotely and the exploit has been pub...

EUVD-2026-19105

A vulnerability was found in CodeAstro Online Classroom 1.0. This vulnerability affects unknown code of the file /OnlineClassroom/addassessment.php of the component Parameter Handler. Performing a manipulation of the argument deleteid results in sql injection. The attack is possible to be carried...

EUVD-2026-19103

A vulnerability has been found in Song-Li crossbrowser up to ca690f0fe6954fd9bcda36d071b68ed8682a786a. This affects an unknown part of the file flask/uniquemachineapp.py of the component details Endpoint. Such manipulation of the argument ID leads to sql injection. The attack can be executed...

CVE-2026-5594 premAI-io premsql followup.py eval code injection

A weakness has been identified in premAI-io premsql up to 0.2.1. Affected is the function eval of the file premsql/agents/baseline/workers/followup.py. This manipulation of the argument result causes code injection. The attack is possible to be carried out remotely. The exploit has been made...

CVE-2026-5594 premAI-io premsql followup.py eval code injection

A weakness has been identified in premAI-io premsql up to 0.2.1. Affected is the function eval of the file premsql/agents/baseline/workers/followup.py. This manipulation of the argument result causes code injection. The attack is possible to be carried out remotely. The exploit has been made...

CVE-2026-5594

The CVE affects premAI-io premsql up to version 0.2.1. The vulnerability resides in the eval call within premsql/agents/baseline/workers/followup.py, allowing remote code execution through manipulated arguments. Public exploit material is available. The sources indicate the vendor was contacted b...

CVE-2026-5585

A vulnerability was found in Tencent AI-Infra-Guard 4.0. The affected element is an unknown function of the file common/websocket/taskmanager.go of the component Task Detail Endpoint. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The exploit ha...

CVE-2026-5587 wbbeyourself MAC-SQL Refiner Agent agents.py _execute_sql sql injection

A vulnerability was identified in wbbeyourself MAC-SQL up to 31a9df5e0d520be4769be57a4b9022e5e34a14f4. This affects the function executesql of the file core/agents.py of the component Refiner Agent. The manipulation leads to sql injection. Remote exploitation of the attack is possible. The exploi...

CVE-2026-5586 zhongyu09 openchatbi Multi-stage Text2SQL Workflow sql injection

A vulnerability was determined in zhongyu09 openchatbi up to 0.2.1. The impacted element is an unknown function of the component Multi-stage Text2SQL Workflow. Executing a manipulation of the argument keywords can lead to sql injection. The attack may be launched remotely. The exploit has been...

CVE-2026-5586

CVE-2026-5586 affects zhongyu09 openchatbi up to version 0.2.1, specifically a vulnerability in an unknown function within the Multi-stage Text2SQL Workflow. Manipulating the argument keywords may lead to SQL injection. The attack can be launched remotely, and the exploit has been publicly disclo...