Lucene search
+L

406 matches found

cvelist
cvelist
added 6 days ago29 views

CVE-2026-60089 PraisonAI before 1.6.78 Path Traversal via config.toml

PraisonAI pip package praisonaiagents before 1.6.78 automatically loads defaults from a project-local .praisonai/config.toml when constructing an Agent, and does not validate the defaults.output.outputfile path. A repository-controlled config file can set outputfile to an absolute or '..' travers...

6.9CVSS0.00141EPSS
Exploits0References3
circl
circl
added 2026/06/27 12:35 a.m.11 views

CVE-2026-50029

creationtimestamp| type| source ---|---|--- 2026-06-27 00:35:39+00:00| published-proof-of-concept| https://github.com/sunnyadn/js-toml/security/advisories/GHSA-m34p-749j-x6m6...

5.8AI score
Exploits0References1
osv
osv
added 2026/06/26 10:49 p.m.3 views

GHSA-M34P-749J-X6M6 js-toml has silent type confusion via falsy-primitive duplicate-key bypass

Summary js-toml's interpreter checks whether a key already exists in a parser-built container with if objectkey instead of if key in object. When the prior value is a falsy primitive — false, 0, 0n, 0.0, -0, or "" — the duplicate-key branch is skipped and the value is silently overwritten by a...

5.3CVSS5.8AI score
Exploits0References2
euvd
euvd
added 2026/06/26 10:21 p.m.11 views

EUVD-2026-38060

js-toml vulnerable to CPU exhaustion via On^2 BigInt construction on radix-prefixed integer literals...

7.5CVSS5.8AI score0.00415EPSS
Exploits1References4
osv
osv
added 2026/06/26 10:21 p.m.3 views

GHSA-WP3C-266W-4QFQ js-toml vulnerable to CPU exhaustion via O(n^2) BigInt construction on radix-prefixed integer literals

Summary js-toml versions up to and including 1.1.0 parse hexadecimal / octal / binary integer literals via a hand-written parseBigInt loop that multiplies a BigInt accumulator by the radix once per input digit. Each iteration performs a BigInt BigInt operation on an accumulator that grows linearl...

7.5CVSS6AI score0.00415EPSS
Exploits1References5
nvd
nvd
added 2026/06/26 6:17 p.m.7 views

CVE-2026-55448

mise manages dev tools like node, python, cmake, and terraform. From 2026.3.15 until 2026.6.4, mise loads github.credentialcommand from local project config before any trust decision, then executes that value with sh -c when resolving a GitHub token. An attacker who can place a .mise.toml in a...

6.3CVSS0.00159EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/26 4:46 p.m.7 views

CVE-2026-55448

mise manages dev tools like node, python, cmake, and terraform. From 2026.3.15 until 2026.6.4, mise loads github.credentialcommand from local project config before any trust decision, then executes that value with sh -c when resolving a GitHub token. An attacker who can place a .mise.toml in a...

6.3CVSS6AI score0.00159EPSS
Exploits0References2Affected Software1
cve
cve
added 2026/06/26 4:46 p.m.21 views

CVE-2026-55448

CVE-2026-55448 is confirmed across multiple sources as a local command-exécution vulnerability in the mise tool. An attacker who can place a repository-local .mise.toml can have mise load github.credential_command from local project config and execute its value via sh -c when resolving a GitHub t...

6.3CVSS6AI score0.00159EPSS
Exploits0References1
nvd
nvd
added 2026/06/23 8:16 p.m.20 views

CVE-2026-45792

rtk filters and compresses command outputs before they reach your LLM context. Prior to 0.32.0, RTK Rust Token Killer improperly trusts project-local configuration files. RTK automatically loads .rtk/filters.toml from the working directory with highest priority and without user notification. An...

6.9CVSS0.00078EPSS
Exploits0References3
cvelist
cvelist
added 2026/06/23 7:2 p.m.41 views

CVE-2026-45792 RTK improperly trusts project-local filter configuration, allowing silent tampering of command output shown to LLM

rtk filters and compresses command outputs before they reach your LLM context. Prior to 0.32.0, RTK Rust Token Killer improperly trusts project-local configuration files. RTK automatically loads .rtk/filters.toml from the working directory with highest priority and without user notification. An...

6.9CVSS0.00078EPSS
Exploits0References3
nessus
nessus
added 2026/06/22 12:0 a.m.9 views

Amazon Linux 2023 : golang-github-burntsushi-toml, golang-github-burntsushi-toml-devel (ALAS2023-2026-1877)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1877 advisory. x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, . to execute repeatedly on the same...

7.5CVSS6.2AI score0.00939EPSS
Exploits0References8
nvd
nvd
added 2026/06/19 7:16 p.m.18 views

CVE-2026-49293

js-toml is a TOML parser for JavaScript, fully compliant with the TOML 1.0.0 Spec. Versions up to and including 1.1.0 parse hexadecimal / octal / binary integer literals via a hand-written parseBigInt loop that multiplies a BigInt accumulator by the radix once per input digit. Each iteration...

7.5CVSS0.00415EPSS
Exploits1References3
cvelist
cvelist
added 2026/06/19 6:14 p.m.22 views

CVE-2026-49293 CPU exhaustion via O(n^2) BigInt construction on radix-prefixed integer literals

js-toml is a TOML parser for JavaScript, fully compliant with the TOML 1.0.0 Spec. Versions up to and including 1.1.0 parse hexadecimal / octal / binary integer literals via a hand-written parseBigInt loop that multiplies a BigInt accumulator by the radix once per input digit. Each iteration...

7.5CVSS0.00415EPSS
Exploits1References3
attackerkb
attackerkb
added 2026/06/19 6:14 p.m.5 views

CVE-2026-49293

js-toml is a TOML parser for JavaScript, fully compliant with the TOML 1.0.0 Spec. Versions up to and including 1.1.0 parse hexadecimal / octal / binary integer literals via a hand-written parseBigInt loop that multiplies a BigInt accumulator by the radix once per input digit. Each iteration...

7.5CVSS5.8AI score0.00415EPSS
Exploits1References4Affected Software1
cve
cve
added 2026/06/19 6:14 p.m.27 views

CVE-2026-49293

CVE-2026-49293 affects js-toml up to v1.1.0. The parsing of hexadecimal/octal/binary integer literals uses a hand-written parseBigInt loop that multiplies the BigInt accumulator by the radix for every digit, yielding an O(n^2) time complexity in the length of the literal. A single TOML document c...

7.5CVSS5.8AI score0.00415EPSS
Exploits1References3Affected Software1
osv
osv
added 2026/06/19 6:14 p.m.3 views

CVE-2026-49293 CPU exhaustion via O(n^2) BigInt construction on radix-prefixed integer literals

js-toml is a TOML parser for JavaScript, fully compliant with the TOML 1.0.0 Spec. Versions up to and including 1.1.0 parse hexadecimal / octal / binary integer literals via a hand-written parseBigInt loop that multiplies a BigInt accumulator by the radix once per input digit. Each iteration...

7.5CVSS5.9AI score0.00415EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.18 views

PT-2026-51007

Name of the Vulnerable Software and Affected Versions js-toml versions prior to 1.1.1 Description The software contains a quadratic time complexity issue during the parsing of hexadecimal, octal, and binary integer literals. This occurs because the parseBigInt function uses a loop that performs a...

7.5CVSS5.8AI score0.00415EPSS
Exploits1References13
osv
osv
added 2026/06/10 8:32 p.m.10 views

GHSA-GHQ2-5C67-FPRM PDM: Project-Local State and Config Writes Follow Symlinks

Summary PDM writes several project-local state or configuration files without symlink protection. If a malicious repository places those files as symlinks, local PDM operations can overwrite the symlink targets. This creates an arbitrary file clobber primitive relative to the privileges of the...

6.8CVSS5.9AI score0.00024EPSS
Exploits0References3
github
github
added 2026/06/10 8:32 p.m.21 views

PDM: Project-Local State and Config Writes Follow Symlinks

Summary PDM writes several project-local state or configuration files without symlink protection. If a malicious repository places those files as symlinks, local PDM operations can overwrite the symlink targets. This creates an arbitrary file clobber primitive relative to the privileges of the...

5.9AI score0.00024EPSS
Exploits0References3Affected Software1
ptsecurity
ptsecurity
added 2026/06/10 12:0 a.m.68 views

PT-2026-48600

Name of the Vulnerable Software and Affected Versions PDM versions prior to 2.28.0-1.1 Description PDM writes project-local state and configuration files without symlink protection, allowing a malicious repository to use symlinks to overwrite files outside the repository root. This creates an...

6.8CVSS6AI score0.00024EPSS
Exploits0References16
Rows per page
Query Builder