Lucene search
K

3 matches found

RedhatCVE
RedhatCVE
added 2026/05/30 8:13 a.m.19 views

CVE-2026-45374

CodeWhale is a DeepSeek + MiMo coding agent in terminal. Prior to 0.8.26, the taskcreate tool spawns durable sub-agents that inherit two insecure defaults, allowshell defaults to true config.rs:1499: self.allowshell.unwraportrue and autoapprove defaults to true taskmanager.rs:297: autoapprove:...

9.6CVSS5.8AI score0.0026EPSS
Exploits0References1
OSV
OSV
added 2026/04/10 7:25 p.m.5 views

GHSA-QWGJ-RRPJ-75XM PraisonAI: Hardcoded `approval_mode="auto"` in Chainlit UI Overrides Administrator Configuration, Enabling Unapproved Shell Command Execution

Summary The Chainlit UI modules chat.py and code.py hardcode config.approvalmode = "auto" after loading administrator configuration from the PRAISONAPPROVALMODE environment variable, silently overriding any "manual" or "scoped" approval setting. This defeats the human-in-the-loop approval gate fo...

8.8CVSS6.3AI score0.00476EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/04/10 7:25 p.m.8 views

PraisonAI: Hardcoded `approval_mode="auto"` in Chainlit UI Overrides Administrator Configuration, Enabling Unapproved Shell Command Execution

Summary The Chainlit UI modules chat.py and code.py hardcode config.approvalmode = "auto" after loading administrator configuration from the PRAISONAPPROVALMODE environment variable, silently overriding any "manual" or "scoped" approval setting. This defeats the human-in-the-loop approval gate fo...

6.3AI score
Exploits0References3Affected Software1
Rows per page
Query Builder