Lucene search
+L

4 matches found

euvd
euvd
added 2026/06/26 3:32 p.m.11 views

EUVD-2026-39776

When used to deliver a signal to a specific thread, thrkill22 called pcansignal to determine whether the operation was permitted but did not check the result before delivering the signal. The signal was sent even when the permission check failed. The system call returned the resulting error to th...

5.5CVSS5.9AI score0.00092EPSS
Exploits0References2
osv
osv
added 2026/04/03 10:49 p.m.2 views

CVE-2026-34934 PraisonAI: Second-Order SQL Injection in `get_all_user_threads`

PraisonAI is a multi-agent teams system. Prior to version 4.5.90, the getalluserthreads function constructs raw SQL queries using f-strings with unescaped thread IDs fetched from the database. An attacker stores a malicious thread ID via updatethread. When the application loads the thread list, t...

9.8CVSS6AI score0.00533EPSS
Exploits1References3
cnnvd
cnnvd
added 2026/04/03 12:0 a.m.9 views

PraisonAI SQL注入漏洞

PraisonAI is a low-code multi-intelligent body collaboration framework. PraisonAI suffers from a SQL injection vulnerability that stems from the getalluserthreads function constructing raw SQL queries using unescaped thread IDs, which can be exploited by an attacker to cause SQL injection and gai...

9.8CVSS5.9AI score0.00533EPSS
Exploits1References1
osv
osv
added 2025/02/26 7:1 a.m.10 views

DEBIAN-CVE-2022-49700

In the Linux kernel, the following vulnerability has been resolved: mm/slub: add missing TID updates on slab deactivation The fastpath in slaballocnode assumes that c-slab is stable as long as the TID stays the same. However, two places in slaballoc currently don't update the TID when deactivatin...

7.8CVSS5.3AI score0.00283EPSS
Exploits0References1
Rows per page
Query Builder