13714 matches found
MetaGPT has an Injection issue
A vulnerability was detected in FoundationAgents MetaGPT up to 0.8.1. This affects the function checksolution of the component HumanEvalBenchmark/MBPPBenchmark. Performing a manipulation results in code injection. The attack may be initiated remotely. The exploit is now public and may be used. Th...
Linux Distros Unpatched Vulnerability : CVE-2026-5911
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Policy bypass in ServiceWorkers in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass content security policy via a crafted HTML page...
PT-2026-31669
A vulnerability was detected in FoundationAgents MetaGPT up to 0.8.1. This affects the function check solution of the component HumanEvalBenchmark/MBPPBenchmark. Performing a manipulation results in code injection. The attack may be initiated remotely. The exploit is now public and may be used. T...
MetaGPT 代码注入漏洞
MetaGPT is a multi-agent framework developed by MetaGPT Inc. Versions of MetaGPT 0.8.1 and earlier contained a code injection vulnerability. This vulnerability stemmed from operations on the checksolution function within the HumanEvalBenchmark/MBPPBenchmark component, which could lead to code...
Linux Distros Unpatched Vulnerability : CVE-2026-23408
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix double free of nsname in aareplaceprofiles if nsname is NULL after 1071 error...
Important: Red Hat Security Advisory: Network Observability 1.11.1 for OpenShift
Network Observability 1.11 for Red Hat OpenShift. Network flows collector and monitoring solution...
CVE-2021-27850
A critical unauthenticated remote code execution vulnerability was found all recent versions of Apache Tapestry. The affected versions include 5.4.5, 5.5.0, 5.6.2 and 5.7.0. The vulnerability I have found is a bypass of the fix for CVE-2019-0195. Recap: Before the fix of CVE-2019-0195 it was...
Linux Distros Unpatched Vulnerability : CVE-2025-59490
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - znuny - None Ubuntu Linux - Unknown description CVE-2025-59490 Note that Nessus relies on the presence of the package as reported by the vendor...
Linux Distros Unpatched Vulnerability : CVE-2026-23334
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - can: usb: f81604: handle short interrupt urb messages properly If an interrupt urb is received that is not the correct length, properly detect it and don't...
Linux Distros Unpatched Vulnerability : CVE-2025-31277
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6...
CVE-2025-15554
Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords...
Security Bulletin: Due to the use of Underscore.js, IBM DevOps Solution Workbench is affected by a Denial of Service (CVE-2026-27601)
Summary Underscore.js is used internally within IBM DevOps Solution Workbench Vulnerability Details CVEID:CVE-2026-27601 DESCRIPTION: Underscore.js is a utility-belt library for JavaScript. Prior to 1.13.8, the .flatten and .isEqual functions use recursion without a depth limit. Under very specif...
CVE-2026-24313
SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability...
EUVD-2026-10449
SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability...
EUVD-2026-10448
SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability...
CVE-2026-24313
SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability...
CVE-2026-24313
CVE-2026-24313 affects SAP Solution Tools Plug-In (ST-PI). A function module does not perform proper authorization checks for authenticated users, enabling disclosure of system information. According to the provided documentation, the vulnerability has a low confidentiality impact and does not af...
CVE-2026-24313 Missing Authorization check in SAP Solution Tools Plug-In (ST-PI)
SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability...
CVE-2026-24313
SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability...
CVE-2026-24313 Missing Authorization check in SAP Solution Tools Plug-In (ST-PI)
SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability...