CVE-2026-34953

PraisonAI is a multi-agent teams system. Prior to version 4.5.97, OAuthManager.validatetoken returns True for any token not found in its internal store, which is empty by default. Any HTTP request to the MCP server with an arbitrary Bearer token is treated as authenticated, granting full access t...

PT-2019-1324 · Oracle +6 · Mysql Server +5

Name of the Vulnerable Software and Affected Versions: Oracle MySQL Server versions 8.0.13 and prior Description: The issue is related to insufficient access control in the Server: DDL component of Oracle MySQL Server, allowing a remote attacker to cause a denial of service. Successful exploitati...