357 matches found
CVE-2026-49136
Banana Slides through 0.4.0, patched in commit e8bc490, contains a path traversal vulnerability in the generateimage function within the AI service backend that allows unauthenticated attackers to read arbitrary image-format files outside the intended uploads directory by exploiting an incomplete...
CVE-2026-49136 Banana Slides 0.4.0 Path Traversal via generate_image() in ai_service.py
Banana Slides through 0.4.0, patched in commit e8bc490, contains a path traversal vulnerability in the generateimage function within the AI service backend that allows unauthenticated attackers to read arbitrary image-format files outside the intended uploads directory by exploiting an incomplete...
CVE-2026-49136 Banana Slides 0.4.0 Path Traversal via generate_image() in ai_service.py
Banana Slides through 0.4.0, patched in commit e8bc490, contains a path traversal vulnerability in the generateimage function within the AI service backend that allows unauthenticated attackers to read arbitrary image-format files outside the intended uploads directory by exploiting an incomplete...
CVE-2026-49136
Banana Slides through 0.4.0, patched in commit e8bc490, contains a path traversal vulnerability in the generateimage function within the AI service backend that allows unauthenticated attackers to read arbitrary image-format files outside the intended uploads directory by exploiting an incomplete...
Banana-slides path traversal vulnerability
banana-slides is an AI-based PPT generation application developed by Anion. Versions of banana-slides 0.4.0 and earlier have a path traversal vulnerability. This vulnerability stems from a path traversal issue in the AI service’s backend function, generateimage. Due to the use of os.path.startswi...
Missing Authorization
Overview @steipete/summarize is a Link → clean text → summary. Affected versions of this package are vulnerable to Missing Authorization via the slidesDir parameter in the /v1/summarize endpoint. An attacker can write arbitrary files, such as slide.png and slides.json, to any writable directory a...
Summarize contains a path traversal vulnerability
Summarize prior to 0.15.0 contains a path traversal vulnerability in the /v1/summarize daemon endpoint that allows authenticated callers to write files to arbitrary directories by supplying an absolute path or directory traversal sequence in the slidesDir request parameter. Attackers can exploit...
EUVD-2026-30797
Summarize prior to 0.15.1 contains a path traversal vulnerability in the /v1/summarize daemon endpoint that allows authenticated callers to write files to arbitrary directories by supplying an absolute path or directory traversal sequence in the slidesDir request parameter. Attackers can exploit...
CVE-2026-45242
The CVE-2026-45242 vulnerability affects the Summarize tool prior to version 0.15.1, exposing a path traversal flaw in the /v1/summarize daemon endpoint. An authenticated user can supply an absolute path or directory traversal sequence in the slidesDir parameter, allowing writes of slide_*.png an...
CVE-2026-45242
Summarize prior to 0.15.1 contains a path traversal vulnerability in the /v1/summarize daemon endpoint that allows authenticated callers to write files to arbitrary directories by supplying an absolute path or directory traversal sequence in the slidesDir request parameter. Attackers can exploit...
PT-2026-41719
Name of the Vulnerable Software and Affected Versions Summarize versions prior to 0.15.1 Description A path traversal issue exists in the '/v1/summarize' daemon endpoint. Authenticated users can write files to arbitrary directories by providing an absolute path or directory traversal sequence in...
GHSA-PXHG-7XR2-W7XG PPTAgent: Arbitrary File Write via `save_generated_slides`
Summary This vulnerability has been fixed in https://github.com/icip-cas/PPTAgent/commit/418491a9a1c02d9d93194b5973bb58df35cf9d00. The savegeneratedslides MCP tool accepts a pptxpath argument and writes the generated PPTX file to that path without any workspace restriction or path validation:...
PPTAgent: Arbitrary File Write via `save_generated_slides`
Summary This vulnerability has been fixed in https://github.com/icip-cas/PPTAgent/commit/418491a9a1c02d9d93194b5973bb58df35cf9d00. The savegeneratedslides MCP tool accepts a pptxpath argument and writes the generated PPTX file to that path without any workspace restriction or path validation:...
Directory Traversal
Overview pptagent is an An Agentic Framework for Reflective PowerPoint Generation Affected versions of this package are vulnerable to Directory Traversal via the savegeneratedslides function. An attacker can overwrite or create arbitrary files on the system by supplying crafted input when invokin...
CVE-2026-42080
PPTAgent is an agentic framework for reflective PowerPoint generation. Prior to commit 418491a, there is an arbitrary file write vulnerability via savegeneratedslides. This issue has been patched via commit 418491a...
CVE-2026-42080 PPTAgent: Arbitrary File Write via `save_generated_slides`
PPTAgent is an agentic framework for reflective PowerPoint generation. Prior to commit 418491a, there is an arbitrary file write vulnerability via savegeneratedslides. This issue has been patched via commit 418491a...
CVE-2026-42080
PPTAgent contains an arbitrary file write vulnerability in the component handling slide generation. Prior to commit 418491a, an attacker could write arbitrary files via save_generated_slides. The issue has been patched in commit 418491a. Impact details in the public records indicate a low to medi...
CVE-2026-42080 PPTAgent: Arbitrary File Write via `save_generated_slides`
PPTAgent is an agentic framework for reflective PowerPoint generation. Prior to commit 418491a, there is an arbitrary file write vulnerability via savegeneratedslides. This issue has been patched via commit 418491a...
CVE-2026-42080
PPTAgent is an agentic framework for reflective PowerPoint generation. Prior to commit 418491a, there is an arbitrary file write vulnerability via savegeneratedslides. This issue has been patched via commit 418491a...
PT-2026-36858
Name of the Vulnerable Software and Affected Versions PPTAgent versions prior to commit 418491a Description An arbitrary file write issue exists in this agentic framework for reflective PowerPoint generation. The flaw occurs through the save generated slides function. Recommendations Update to...