44 matches found
GHSA-22QR-RP27-J9WM PenPot MCP REPL server binds to 0.0.0.0 with unauthenticated /execute endpoint — RCE
Summary The MCP module's ReplServer binds to all interfaces 0.0.0.0:4403 and exposes a /execute endpoint that runs arbitrary code with zero authentication. Anyone on the network can POST JavaScript and it runs on the server. The main PenpotMcpServer was partially fixed for a similar binding issue...
PT-2026-42034
Summary The MCP module's ReplServer binds to all interfaces 0.0.0.0:4403 and exposes a /execute endpoint that runs arbitrary code with zero authentication. Anyone on the network can POST JavaScript and it runs on the server. The main PenpotMcpServer was partially fixed for a similar binding issue...
Arbitrary Code Injection
Overview vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Affected versions of this package are vulnerable to Arbitrary Code Injection through lib/builtin.js. An attacker can execute host code when the allowlist includes -X or uses and then calls...
@jupyter-notebook/application (>=7.2.0 <=7.4.7), @jupyterlite/application (>=0.4.0 <=0.6.4) +4 more potentially affected by CVE-2026-42557 via @jupyterlab/rendermime-interfaces (>=3.10.7 <=3.12.10)
@jupyterlab/rendermime-interfaces NPM version =3.10.7, =7.2.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.1.1, =0.2.2 Source cves: CVE-2026-42557 Source advisory: SNYK:JS-JUPYTERLABRENDERMIMEINTERFACES-16438959...
Astra Linux - уязвимость в 389-ds-base
When using a syncrepl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, resulting in a crash...
Langflow RCE
The CSV Agent node in Langflow hardcodes allowdangerouscode=True, which automatically exposes LangChain's Python REPL tool pythonreplast. As a result, an attacker can execute arbitrary Python and OS commands on the server via prompt injection, leading to full Remote Code Execution RCE. Module...
📄 Langflow Remote Code Execution
The CSV Agent node in Langflow hardcodes allowdangerouscode=True, which automatically exposes the LangChains Python REPL tool pythonreplast. As a result, an attacker can execute arbitrary Python and OS commands on the server via prompt injection, leading to full remote code execution. This module...
GHSA-3645-FXCV-HQR4 Langflow has Remote Code Execution in CSV Agent
Summary The CSV Agent node in Langflow hardcodes allowdangerouscode=True, which automatically exposes LangChain’s Python REPL tool pythonreplast. As a result, an attacker can execute arbitrary Python and OS commands on the server via prompt injection, leading to full Remote Code Execution RCE...
Arbitrary Code Injection
Overview lfx is a lfx is a command-line tool for running Langflow workflows. It provides two main commands: serve and run. Affected versions of this package are vulnerable to Arbitrary Code Injection via the allowdangerouscode=True which automatically exposes LangChain’s Python REPL tool...
CVE-2026-27966
Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.8.0, the CSV Agent node in Langflow hardcodes allowdangerouscode=True, which automatically exposes LangChain’s Python REPL tool pythonreplast. As a result, an attacker can execute arbitrary Python an...
MiracleLinux 7 : 389-ds-base-1.3.10.2-17.el7 (AXSA:2022-3917:03)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3917:03 advisory. 389-ds-base: SIGSEGV in syncrepl CVE-2022-2850 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note...
EUVD-2016-9453
Malware in sbrugna...
CVE-2024-38459
langchainexperimental aka LangChain Experimental before 0.0.61 for LangChain provides Python REPL access without an opt-in step. NOTE; this issue exists because of an incomplete fix for CVE-2024-27444...
GHSA-WMVM-9VQV-5QPP langchain_experimental Code Execution via Python REPL access
langchainexperimental aka LangChain Experimental before 0.0.61 for LangChain provides Python REPL access without an opt-in step. NOTE; this issue exists because of an incomplete fix for CVE-2024-27444...
langchain_experimental Code Execution via Python REPL access
langchainexperimental aka LangChain Experimental before 0.0.61 for LangChain provides Python REPL access without an opt-in step. NOTE; this issue exists because of an incomplete fix for CVE-2024-27444...
CVE-2024-38459
langchainexperimental aka LangChain Experimental before 0.0.61 for LangChain provides Python REPL access without an opt-in step. NOTE; this issue exists because of an incomplete fix for CVE-2024-27444...
CVE-2024-38459
langchainexperimental aka LangChain Experimental before 0.0.61 for LangChain provides Python REPL access without an opt-in step. NOTE; this issue exists because of an incomplete fix for CVE-2024-27444...
PYSEC-2024-53
langchainexperimental aka LangChain Experimental before 0.0.61 for LangChain provides Python REPL access without an opt-in step. NOTE; this issue exists because of an incomplete fix for CVE-2024-27444...
PYSEC-2024-53
langchainexperimental aka LangChain Experimental before 0.0.61 for LangChain provides Python REPL access without an opt-in step. NOTE; this issue exists because of an incomplete fix for CVE-2024-27444...
CVE-2024-38459
langchainexperimental aka LangChain Experimental before 0.0.61 for LangChain provides Python REPL access without an opt-in step. NOTE; this issue exists because of an incomplete fix for CVE-2024-27444...