PT-2026-38304

PraisonAI is a multi-agent teams system. From version 4.5.139 to before version 4.6.32, CVE-2026-40287's fix gated tools.py auto-import behind PRAISONAI ALLOW LOCAL TOOLS=true in two files tool resolver.py, api/call.py. A third import sink in praisonai/templates/tool override.py was missed and...

XWiki Platform 安全漏洞

XWiki Platform is the XWiki Foundation's suite of Wiki platforms for creating Web collaboration applications. A security vulnerability exists in XWiki Platform that stems from the fact that any user who can edit any page can create custom skins with template overrides that are executed with...