CVE-2026-4231 vanna-ai vanna Endpoint __init__.py run_sql server-side request forgery

A vulnerability was found in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is the function updatesql/runsql of the file src/vanna/legacy/flask/init.py of the component Endpoint. Performing a manipulation results in server-side request forgery. The attack may be initiated remotely. Th...

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.3.0 and earlier 11.3.x series, as well as 11.2.2 and earlier versions 11.2.x series, have security vulnerabilities. These vulnerabilities stem from the unauthorized...

PT-2026-25784

Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a cross-site request forgery vulnerability that allows attackers to modify device configuration by exploiting missing CSRF protections in setup.cgi. Attackers can host malicious pages that submit forged requests using...

PT-2026-25810

Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2 fail to verify run create permission for empty playbookId, which allows team members to create unauthorized runs via the playbook run API. Mattermost Advisory ID: MMSA-2025-00542...

CVE-2026-31886

Dagu is a workflow engine with a built-in Web user interface. Prior to 2.2.4, the dagRunId request field accepted by the inline DAG execution endpoints is passed directly into filepath.Join to construct a temporary directory path without any format validation. Go's filepath.Join resolves...

GO-2026-4693 Dagu: Path Traversal via `dagRunId` in Inline DAG Execution in github.com/dagu-org/dagu

Dagu: Path Traversal via dagRunId in Inline DAG Execution in github.com/dagu-org/dagu...

CVE-2026-31886 Dagu has a Path Traversal via `dagRunId` in Inline DAG Execution

Dagu is a workflow engine with a built-in Web user interface. Prior to 2.2.4, the dagRunId request field accepted by the inline DAG execution endpoints is passed directly into filepath.Join to construct a temporary directory path without any format validation. Go's filepath.Join resolves...

CVE-2026-31886 Dagu has a Path Traversal via `dagRunId` in Inline DAG Execution

Dagu is a workflow engine with a built-in Web user interface. Prior to 2.2.4, the dagRunId request field accepted by the inline DAG execution endpoints is passed directly into filepath.Join to construct a temporary directory path without any format validation. Go's filepath.Join resolves...

CVE-2026-31886 Dagu has a Path Traversal via `dagRunId` in Inline DAG Execution

Dagu is a workflow engine with a built-in Web user interface. Prior to 2.2.4, the dagRunId request field accepted by the inline DAG execution endpoints is passed directly into filepath.Join to construct a temporary directory path without any format validation. Go's filepath.Join resolves...

CVE-2026-31886

CVE-2026-31886 affects Dagu (workflow engine) prior to 2.2.4. The dagRunId parameter used by inline DAG execution endpoints is passed into filepath.Join without validation, allowing a directory traversal (e.g., ".."). Go’s Join resolves such paths to system temp directories (like /tmp), and a def...

CVE-2026-31886

Dagu is a workflow engine with a built-in Web user interface. Prior to 2.2.4, the dagRunId request field accepted by the inline DAG execution endpoints is passed directly into filepath.Join to construct a temporary directory path without any format validation. Go's filepath.Join resolves...

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization via the system.run. An attacker can execute unauthorized local code by obtaining approval for a benign script-runner command, then rewriting the referenced script ...

OpenClaw: Unrecognized script runners could bypass `system.run` approval integrity

Summary In affected versions of openclaw, node-host system.run approvals did not bind a mutable file operand for some script runners, including forms such as tsx and jiti. An attacker could obtain approval for a benign script-runner command, rewrite the referenced script on disk, and have the...

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition via the system.run process. An attacker can execute unintended local code as the runtime user by modifying an approved local script after...

GHSA-XF99-J42Q-5W5P OpenClaw: Unbound interpreter and runtime commands could bypass node-host approval integrity

Summary In affected versions of openclaw, node-host system.run approvals could still execute rewritten local code for interpreter and runtime commands when OpenClaw could not bind exactly one concrete local file operand during approval planning. Impact Deployments using node-host system.run...

EUVD-2026-12089

Dagu: Path Traversal via dagRunId in Inline DAG Execution...

Microsoft Windows Malicious Script File Generator

This PHP script generates a malicious .WSF Windows Script File containing both VBScript and JScript payload blocks. The payload runs arbitrary system commands through WScript.Shell...

Microsoft Windows Registry Editor Version 5.00 Malicious Registry File Generator

This script generates a malicious Windows Registration Entries .reg file designed to establish persistence on Windows systems. It creates a registry file that, when executed by a user, adds the attacker's payload to Windows auto-run registry keys. Written in PHP...

Cisco Finesse XSS (cisco-sa-cc-xss-MrNAH5Jh)

According to its self-reported version, Cisco Finesse is affected by a cross-site scripting vulnerability in the web-based management interface due to insufficient validation of user-supplied input. An unauthenticated, remote attacker could exploit this vulnerability by persuading a user of the...

PT-2026-25326

Dagu and Affected Versions Dagu versions prior to 2.2.4 Description Dagu, a workflow engine, contains a path traversal flaw in the inline DAG execution endpoints. The dagRunId request field is passed directly into filepath.Join without proper validation, allowing an attacker to redirect the...