15 matches found
PYSEC-2026-451 pgAdmin 4 Vulnerable to Remote Code Execution
Remote Code Execution security vulnerability in pgAdmin 4 Query Tool and Cloud Deployment modules. The vulnerability is associated with the 2 POST endpoints; /sqleditor/querytool/download, where the querycommited parameter and /cloud/deploy endpoint, where the highavailability parameter is unsafe...
CVE-2026-40100
FastGPT is an AI Agent building platform. Prior to 4.14.10.3, the /api/core/app/mcpTools/runTool endpoint accepts arbitrary URLs without authentication. The internal IP check in isInternalAddress only blocks private IPs when CHECKINTERNALIP=true, which is not the default. This allows...
FastGPT 代码问题漏洞
FastGPT is an open-source knowledge base question-answering system based on large language models, developed by Labring. Versions of FastGPT prior to 4.14.10.3 contained code vulnerabilities. These vulnerabilities stemmed from the unvalidated acceptance of any URL via the...
CVE-2026-34162 FastGPT: Unauthenticated SSRF via httpTools Endpoint Leads to Internal API Key Theft
FastGPT is an AI Agent building platform. Prior to version 4.14.9.5, the FastGPT HTTP tools testing endpoint /api/core/app/httpTools/runTool is exposed without any authentication. This endpoint acts as a full HTTP proxy — it accepts a user-supplied baseUrl, toolPath, HTTP method, custom headers,...
CVE-2026-0773
Upsonic Cloudpickle Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Upsonic. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2026-0773
Upsonic Cloudpickle Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Upsonic. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2026-0773
Upsonic Cloudpickle Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Upsonic. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2026-0773 Upsonic Cloudpickle Deserialization of Untrusted Data Remote Code Execution Vulnerability
Upsonic Cloudpickle Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Upsonic. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
Upsonic code issue vulnerabilities
Upsonic is an open-source AI proxy framework developed by Upsonic. Upsonic has code vulnerabilities, which stem from the lack of validation for data provided by users at the addtool endpoint. This vulnerability may lead to the deserialization of untrusted data and remote code execution...
(0Day) Upsonic Cloudpickle Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Upsonic. Authentication is not required to exploit this vulnerability. The specific flaw exists within the addtool endpoint, which listens on TCP port 7541 by default. The issue results from the lack...
CVE-2025-68717
KAYSUS KS-WR3600 routers with firmware 1.0.5.9.1 allow authentication bypass during session validation. If any user is logged in, endpoints such as /cgi-bin/system-tool accept unauthenticated requests with empty or invalid session values. This design flaw lets attackers piggyback on another user'...
PT-2026-1919
Name of the Vulnerable Software and Affected Versions KAYSUS KS-WR3600 router version 1.0.5.9.1 Description KAYSUS KS-WR3600 routers with firmware version 1.0.5.9.1 have a flaw where authentication can be bypassed during session validation. When a user is logged in, certain API endpoints, such as...
CVE-2025-68717
KAYSUS KS-WR3600 routers with firmware 1.0.5.9.1 are affected by an authentication bypass during session validation. When any user is logged in, endpoints like /cgi-bin/system-tool accept unauthenticated requests with empty/invalid session values, enabling an attacker to piggyback on an active se...
VulnCheck KEV: CVE-2025-51482
Remote Code Execution in letta.server.restapi.routers.v1.tools.runtoolfromsource in letta-ai Letta 0.7.12 allows remote attackers to execute arbitrary Python code and system commands via crafted payloads to the /v1/tools/run endpoint, bypassing intended sandbox restrictions...
CVE-2025-10433
A vulnerability was determined in 1Panel-dev MaxKB up to 2.0.2/2.1.0. This issue affects some unknown processing of the file /admin/api/workspace/default/tool/debug. Executing manipulation of the argument code can lead to deserialization. The attack can be executed remotely. The exploit has been...