Lucene search
K

16683 matches found

RedhatCVE
RedhatCVE
added 2026/06/29 1:12 p.m.9 views

CVE-2026-54371

A flaw was found in the attr package. This vulnerability allows a local attacker to perform a symlink traversal attack by replacing a pathname component with a symbolic link - either during directory hierarchy traversal by getfattr or during backup restoration by setfattr, which reads and resolve...

8.4CVSS5.7AI score0.00136EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/29 12:35 p.m.6 views

postgresql: PostgreSQL libpq: Buffer overflow allows server superuser to overwrite client stack memory

A flaw was found in PostgreSQL libpq. A server superuser can exploit a buffer overflow vulnerability in the PQfn function, which is used by client functions such as loexport, loread, lolseek64, and lotell64. This allows the superuser to send an arbitrarily large response, overwriting the client's...

8.8CVSS6.6AI score0.00464EPSS
Exploits0References5
NVD
NVD
added 2026/06/29 12:16 p.m.10 views

CVE-2026-41991

GNU gzip contains a vulnerability in the gzexe utility related to insecure temporary file handling. When the mktemp utility is not available in the user’s PATH, gzexe falls back to constructing a temporary file path based solely on the process ID PID. This predictable filename is created without...

4.7CVSS0.00105EPSS
Exploits0References3
OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-413 Meta Ads MCP: Unauthenticated HTTP MCP Tool Execution Leaks Operator Meta Access Token

Unauthenticated HTTP MCP Tool Execution Leaks Operator Meta Access Token | Field | Value | | ---------------- | ----- | | Repository | pipeboard-co/meta-ads-mcp | | Affected version | ≤ 1.0.101 commit 496c988 7d14226; Versions 1.0.102–1.0.105 lack git tags, so patch status is unconfirmed. | |...

9.1CVSS6AI score0.0013EPSS
Exploits0References6
OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-544 MCP-for-Stata: Command injection via log_file_name parameter in Stata command wrapper

Summary The logfilename parameter in the statado API and CLI is directly interpolated into a Stata command string without sanitization. The security guard GuardValidator only scans the do-file content but does not validate this parameter. An attacker can inject arbitrary Stata commands including...

9.3CVSS6AI score0.00629EPSS
Exploits0References7
OSV
OSV
added 2026/06/29 11:50 a.m.5 views

PYSEC-2026-376 Langflow has Remote Code Execution in CSV Agent

Summary The CSV Agent node in Langflow hardcodes allowdangerouscode=True, which automatically exposes LangChain’s Python REPL tool pythonreplast. As a result, an attacker can execute arbitrary Python and OS commands on the server via prompt injection, leading to full Remote Code Execution RCE...

9.8CVSS7.7AI score0.33694EPSS
Exploits4References6
OSV
OSV
added 2026/06/29 11:50 a.m.5 views

PYSEC-2026-303 CAI find_file Agent Tool has Command Injection Vulnerability Through Argument Injection

Summary The CAI Cybersecurity AI framework contains multiple argument injection vulnerabilities in its function tools. User-controlled input is passed directly to shell commands via subprocess.Popen with shell=True, allowing attackers to execute arbitrary commands on the host system. Vulnerable...

9.6CVSS6.2AI score0.008EPSS
Exploits3References7
OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-400 llm CLI tool contains a code injection vulnerability via `--functions` command-line argument

The llm CLI tool thru 0.27.1 contains a critical code injection vulnerability via its --functions command-line argument. This argument is intended to allow users to provide custom Python function definitions. However, the tool directly executes the provided code using the unsafe exec function...

9.8CVSS6.4AI score0.00327EPSS
Exploits0References5
OSV
OSV
added 2026/06/29 11:50 a.m.5 views

PYSEC-2026-478 PraisonAI's unauthenticated A2A official example can reach real LLM-driven `eval()` tool execution

Summary The first-party PraisonAI A2A server example combines three behaviors into a remotely exploitable Critical chain: 1. The example exposes an A2A server without configuring authtoken. 2. The same example binds the server to 0.0.0.0. 3. The example registers a calculateexpression tool...

9.8CVSS6.5AI score0.00084EPSS
Exploits0References5
OSV
OSV
added 2026/06/29 11:50 a.m.5 views

PYSEC-2026-468 PraisonAI Has Authentication Bypass via OAuthManager.validate_token()

Summary OAuthManager.validatetoken returns True for any token not found in its internal store, which is empty by default. Any HTTP request to the MCP server with an arbitrary Bearer token is treated as authenticated, granting full access to all registered tools and agent capabilities. Details...

9.1CVSS5.9AI score0.00375EPSS
Exploits1References5
OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-487 PraisonAIAgents has an OS Command Injection via shell=True in Memory Hooks Executor (memory/hooks.py)

Summary The memory hooks executor in praisonaiagents passes a user-controlled command string directly to subprocess.run with shell=True at src/praisonai-agents/praisonaiagents/memory/hooks.py lines 303 to 305. No sanitization, no shlex.quote, no character filter, and no allowlist check exists...

9.3CVSS6.3AI score0.00229EPSS
Exploits1References5
OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-461 PraisonAI Vulnerable to OS Command Injection

The executecommand function and workflow shell execution are exposed to user-controlled input via agent workflows, YAML definitions, and LLM-generated tool calls, allowing attackers to inject arbitrary shell commands through shell metacharacters. --- Description PraisonAI's workflow system and...

9.6CVSS6.2AI score0.00419EPSS
Exploits1References6
OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-451 pgAdmin 4 Vulnerable to Remote Code Execution

Remote Code Execution security vulnerability in pgAdmin 4 Query Tool and Cloud Deployment modules. The vulnerability is associated with the 2 POST endpoints; /sqleditor/querytool/download, where the querycommited parameter and /cloud/deploy endpoint, where the highavailability parameter is unsafe...

9.9CVSS6.2AI score0.46222EPSS
Exploits8References6
Cvelist
Cvelist
added 2026/06/28 2:30 p.m.34 views

CVE-2026-13501 antlr ANTLR4 gofmt GoTarget.java GoTarget command injection

A security vulnerability has been detected in antlr ANTLR4 up to 4.13.2. Affected by this vulnerability is the function GoTarget of the file tool/src/org/antlr/v4/codegen/target/GoTarget.java of the component gofmt. The manipulation leads to command injection. The attack can only be performed fro...

5.3CVSS0.00678EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/28 2:30 p.m.8 views

EUVD-2026-39999

A security vulnerability has been detected in antlr ANTLR4 up to 4.13.2. Affected by this vulnerability is the function GoTarget of the file tool/src/org/antlr/v4/codegen/target/GoTarget.java of the component gofmt. The manipulation leads to command injection. The attack can only be performed fro...

5.3CVSS5.4AI score0.00678EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/06/27 1:52 a.m.8 views

SUSE CVE-2026-56766

Hydra through 9.7, fixed in commit 9cc84c2, contains a stack buffer overflow in NTLM authentication across SMTP, POP3, IMAP, NNTP, HTTP, HTTP-Proxy, and HTTP-Proxy-Urlenum modules when processing malicious NTLM Type-2 challenges. A malicious server can send a crafted NTLM Type-2 challenge with an...

8.8CVSS6.6AI score0.01325EPSS
Exploits2References3
EUVD
EUVD
added 2026/06/26 11:3 p.m.14 views

EUVD-2026-36598

Nezha Monitoring: Pre-auth path traversal via /dashboard.. prefix confusion leaks jwtsecretkey...

9.1CVSS5.8AI score0.00451EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/26 11:2 p.m.11 views

EUVD-2026-36600

Nezha Monitoring: Stored future DDNS profile ID allows unauthorized use of another user's DDNS profile context...

6.4CVSS5.8AI score0.00227EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/26 10:29 p.m.11 views

EUVD-2026-38069

YARD static cache reads raw traversal paths before router sanitization...

5.3CVSS5.8AI score0.00273EPSS
Exploits0References3
NVD
NVD
added 2026/06/26 6:17 p.m.7 views

CVE-2026-55448

mise manages dev tools like node, python, cmake, and terraform. From 2026.3.15 until 2026.6.4, mise loads github.credentialcommand from local project config before any trust decision, then executes that value with sh -c when resolving a GitHub token. An attacker who can place a .mise.toml in a...

6.3CVSS0.00159EPSS
Exploits0References1
Rows per page
Query Builder