Lucene search
K

5 matches found

CVE
CVE
added yesterday9 views

CVE-2026-15746

CVE-2026-15746 affects strands-agents-tools’ elasticsearch_memory tool (used with Strands Agents SDK). The tool’s schema exposed connection parameters (es_url, cloud_id, api_key); if api_key is omitted, it falls back to the operator’s ELASTICSEARCH_API_KEY and may be sent to a host chosen by an L...

6.9CVSS6.1AI score
Exploits0References3
EUVD
EUVD
added yesterday3 views

EUVD-2026-44762

Strands Agents is an open-source Python SDK for building and running AI agents. The strands-agents-tools package provides pre-built tools for use with the SDK, including the elasticsearchmemory tool for agent memory storage. We identified CVE-2026-15746, a server-side request forgery SSRF issue i...

6.9CVSS6.1AI score
Exploits0References3
Snyk
Snyk
added 2025/12/02 6:45 a.m.4 views

Use of Incorrectly-Resolved Name or Reference

Overview strands-agents is an A model-driven approach to building AI agents in just a few lines of code Affected versions of this package are vulnerable to Use of Incorrectly-Resolved Name or Reference via dynamic tool module registration in ToolLoader. The loadtoolsfromfilepath and loadpythontoo...

7.1CVSS6.7AI score
Exploits0References3
vulnersOsv
vulnersOsv
added 2025/12/02 6:45 a.m.9 views

nova-act (>=2.3.18.0 <=3.1.18.0) potentially affected by unknown CVE via strands-agents (=1.14.0)

strands-agents PYPI version =1.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on strands-agents and may be impacted: - nova-act =2.3.18.0, =3.1.18.0 Source cves: unknown CVE Source advisory: SNYK:PYTHON-STRANDSAGENTS-14157238...

5.8AI score
Exploits0
Snyk
Snyk
added 2025/10/02 6:45 a.m.0 views

Directory Traversal

Overview strands-agents is an A model-driven approach to building AI agents in just a few lines of code Affected versions of this package are vulnerable to Directory Traversal via the FileSessionManager.getsessionpath, FileSessionManager.getagentpath, S3SessionManager.getsessionpath, and...

8.6CVSS7.8AI score
Exploits0References3
Rows per page
Query Builder