4 matches found
EUVD-2026-22215
PraisonAI is a multi-agent teams system. Prior to 4.5.133, there is an SQL identifier injection vulnerability in SQLiteConversationStore where the tableprefix configuration value is directly concatenated into SQL queries via f-strings without any validation or sanitization. Since SQL identifiers...
CVE-2026-23838 Tandoor Recipes module allows SQLite database to be externally accessible with the default settings
Tandoor Recipes is a recipe manager than can be installed with the Nix package manager. Starting in version 23.05 and prior to version 26.05, when using the default configuration of Tandoor Recipes, specifically using SQLite and default MEDIAROOT, the full database file may be externally...
CVE-2026-23838
CVE-2026-23838 affects Tandoor Recipes when installed via Nix and using the default configuration with SQLite and default MEDIA_ROOT. Versions 23.05 through 26.04 (prior to 26.05) are vulnerable because the NixOS module sets the working directory and MEDIA_ROOT to /var/lib/tandoor-recipes, causin...
CVE-2026-23838 Tandoor Recipes module allows SQLite database to be externally accessible with the default settings
Tandoor Recipes is a recipe manager than can be installed with the Nix package manager. Starting in version 23.05 and prior to version 26.05, when using the default configuration of Tandoor Recipes, specifically using SQLite and default MEDIAROOT, the full database file may be externally...