MAL-2026-4753 Malicious code in gt-tester-exp-profiler-exp-00000017 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1490f970bd52c80c89f33029f9e875f1fb595014621d50e0ce87a167d1cd348 setup.py installs a site-wide.pth file gttesterexpprofilerexp00000017probe.pth into site-packages that imports the package's probe module and calls...

CVE-2026-44336

PraisonAI is a multi-agent teams system. Prior to version 4.6.34, PraisonAI's MCP Model Context Protocol server praisonai mcp serve registers four file-handling tools by default — praisonai.rules.create, praisonai.rules.show, praisonai.rules.delete, and praisonai.workflow.show. Each accepts a pat...

GHSA-9MQQ-JQXF-GRVW PraisonAI MCP `tools/call` path-traversal => RCE via Python `.pth` injection

Summary PraisonAI's MCP Model Context Protocol server praisonai mcp serve registers four file-handling tools by default — praisonai.rules.create, praisonai.rules.show, praisonai.rules.delete, and praisonai.workflow.show. Each accepts a path or filename string from MCP tools/call arguments and joi...

Directory Traversal

Overview PraisonAI is a PraisonAI is an AI Agents Framework with Self Reflection. PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...

CVE-2026-44336 PraisonAI MCP `tools/call` path-traversal and RCE via Python `.pth` injection

PraisonAI is a multi-agent teams system. Prior to version 4.6.34, PraisonAI's MCP Model Context Protocol server praisonai mcp serve registers four file-handling tools by default — praisonai.rules.create, praisonai.rules.show, praisonai.rules.delete, and praisonai.workflow.show. Each accepts a pat...

GHSA-J48Q-4C78-RHF9 openssl-encrypt: Dynamic .so loading for Whirlpool uses broad glob pattern without integrity verification

Severity: HIGH Summary The Whirlpool hash implementation in opensslencrypt/modules/registry/hashregistry.py at lines 570-589 uses glob patterns to find .so modules in site-packages and loads the first match via importlib without verifying module integrity. Affected Code python for sitepkg in...

openssl-encrypt: Dynamic .so loading for Whirlpool uses broad glob pattern without integrity verification

Severity: HIGH Summary The Whirlpool hash implementation in opensslencrypt/modules/registry/hashregistry.py at lines 570-589 uses glob patterns to find .so modules in site-packages and loads the first match via importlib without verifying module integrity. Affected Code python for sitepkg in...

MAL-2026-1085 Malicious code in ctf-toolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e47981485066b674150cc4d9d3709e41707e69111f188e54e772becc7349ab89 The package states to contain a modified curl library to allow low-level request modifications. However, there is also undisclosed malicious behavior: 1. The...

CVE-2026-26975

Music Assistant is an open-source media library manager that integrates streaming services with connected speakers. Versions 2.6.3 and below allow unauthenticated network-adjacent attackers to execute arbitrary code on affected installations. The music/playlists/update API allows users to bypass...

CVE-2026-26975

Music Assistant (open-source media library manager) versions 2.6.3 and earlier are affected by an unauthenticated, network-adjacent vulnerability enabling Remote Code Execution. The flaw arises from the music/playlists/update API, which can bypass .m3u extension enforcement and write files anywhe...

CVE-2026-26975 Music Assistant Server Path Traversal in Playlist Update API Allows Remote Code Execution

Music Assistant is an open-source media library manager that integrates streaming services with connected speakers. Versions 2.6.3 and below allow unauthenticated network-adjacent attackers to execute arbitrary code on affected installations. The music/playlists/update API allows users to bypass...

Python Site-Specific Hook Persistence

This module leverages Python's startup mechanism, where some files can be automically processed during the initialization of the Python interpreter. One of those files are startup hooks site-specific, dist-packages. If these files are present in site-specific or dist-packages directories, any lin...

Uncontrolled Search Path Element

Overview ramalama is a RamaLama is a command line tool for working with AI LLM models. Affected versions of this package are vulnerable to Uncontrolled Search Path Element via the addsitepackagestosyspath'/usr/local', which unconditionally appended /usr/local/lib/python/site-packages to sys.path....

CVE-2024-10902

In eosphoros-ai/db-gpt version v0.6.0, the web API POST /v1/personal/agent/upload is vulnerable to Arbitrary File Upload with Path Traversal. This vulnerability allows unauthorized attackers to upload arbitrary files to the victim's file system at any location. The impact of this vulnerability...

CVE-2024-10901

In eosphoros-ai/db-gpt version v0.6.0, the web API POST /api/v1/editor/chart/run allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write, enabling them to write arbitrary files to the victim's file...

CVE-2024-10902

CVE-2024-10902 concerns eosphoros-ai/db-gpt v0.6.0. The web API endpoint POST /v1/personal/agent/upload is described as vulnerable to Arbitrary File Upload with Path Traversal , enabling an attacker to upload files to arbitrary locations on the victim’s file system. Impact telegraphs possible rem...

Malicious package may avoid detection in python auditing

Python Auditing Vulnerability Demonstrates how a malicious package can insert a load-time poison pill to avoid detection by tools like Safety. Tools that are designed to find vulnerable packages can not ever run in the same python environment that they are trying to protect. Usage Install safety,...

CVE-2009-4139

A flaw was found in Spacewalk Java site packages. This cross-site request forgery CSRF vulnerability allows a remote attacker to hijack the authentication of arbitrary users. This can lead to unauthorized actions, including disabling user accounts, adding new user accounts, or escalating privileg...

Spacewalk: CSRF in all web portal forms

Cross-site request forgery CSRF vulnerability in the Spacewalk Java site packages aka spacewalk-java 1.2.39 in Spacewalk, as used in the server in Red Hat Network Satellite 5.3.0 through 5.4.1 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests...