110 matches found
CVE-2026-14784
A vulnerability was identified in vxcontrol PentAGI up to 2.1.0. This affects an unknown function of the file backend/pkg/docker/client.go of the component Docker API. The manipulation leads to sandbox issue. The attack may be initiated remotely. The pull request to fix this issue awaits acceptan...
CVE-2026-14784
A vulnerability was identified in vxcontrol PentAGI up to 2.1.0. This affects an unknown function of the file backend/pkg/docker/client.go of the component Docker API. The manipulation leads to sandbox issue. The attack may be initiated remotely. The pull request to fix this issue awaits acceptan...
EUVD-2026-41795
A vulnerability was identified in vxcontrol PentAGI up to 2.1.0. This affects an unknown function of the file backend/pkg/docker/client.go of the component Docker API. The manipulation leads to sandbox issue. The attack may be initiated remotely. The pull request to fix this issue awaits acceptan...
CVE-2026-14784 vxcontrol PentAGI Docker API client.go sandbox
A vulnerability was identified in vxcontrol PentAGI up to 2.1.0. This affects an unknown function of the file backend/pkg/docker/client.go of the component Docker API. The manipulation leads to sandbox issue. The attack may be initiated remotely. The pull request to fix this issue awaits acceptan...
CVE-2026-14784
CVE-2026-14784 affects vxcontrol PentAGI up to 2.1.0, involving the Docker API client (backend/pkg/docker/client.go) and a sandbox issue in an unknown function. The advisory notes a remote-initiated attack vector, with a pull request to fix this issue awaiting acceptance. There are no details in ...
RHEL 9 : firefox (RHSA-2026:22324)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22324 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
CVE-2026-6224
A security flaw has been discovered in nocobase plugin-workflow-javascript up to 2.0.23. This issue affects the function createSafeConsole of the file packages/plugins/@nocobase/plugin-workflow-javascript/src/server/Vm.js. Performing a manipulation results in sandbox issue. The attack can be...
CVE-2026-11306
Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: Low...
CVE-2026-11000
Use after free in Fonts in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-9897
Use after free in DOM in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-9368
A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This impacts the function executecode of the file tools/codeexecutiontool.py of the component Environment Variable Handler. Such manipulation leads to sandbox issue. It is possible to launch the attack remotely. The...
CVE-2026-9368
A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This impacts the function executecode of the file tools/codeexecutiontool.py of the component Environment Variable Handler. Such manipulation leads to sandbox issue. It is possible to launch the attack remotely. The...
EUVD-2026-31582
A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This impacts the function executecode of the file tools/codeexecutiontool.py of the component Environment Variable Handler. Such manipulation leads to sandbox issue. It is possible to launch the attack remotely. The...
CVE-2026-9368 NousResearch hermes-agent Environment Variable code_execution_tool.py execute_code sandbox
A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This impacts the function executecode of the file tools/codeexecutiontool.py of the component Environment Variable Handler. Such manipulation leads to sandbox issue. It is possible to launch the attack remotely. The...
PT-2026-42928
Name of the Vulnerable Software and Affected Versions hermes-agent versions prior to 2026.4.17 Description A remote attack can be launched against the Environment Variable Handler component. The issue resides in the execute code function within the tools/code execution tool.py file, where...
CVE-2026-7358
Use after free in Animation in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
EUVD-2026-25146
A vulnerability was identified in ByteDance verl up to 0.7.0. Affected is the function mathequal of the file primemath/grader.py. The manipulation leads to sandbox issue. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be...
GHSA-H57C-V2V3-5V3V verl's math_equal() Vulnerable to Arbitrary Code Execution via Unsafe eval()
A vulnerability was identified in ByteDance verl up to 0.7.1. Affected is the function mathequal of the file primemath/grader.py. The manipulation leads to a sandbox issue. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be...
CVE-2026-6878
A vulnerability was identified in ByteDance verl up to 0.7.0. Affected is the function mathequal of the file primemath/grader.py. The manipulation leads to sandbox issue. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be...
CVE-2026-6878 ByteDance verl grader.py math_equal sandbox
A vulnerability was identified in ByteDance verl up to 0.7.0. Affected is the function mathequal of the file primemath/grader.py. The manipulation leads to sandbox issue. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be...