Lucene search
K

70 matches found

Snyk
Snyk
added 2026/07/01 6:41 p.m.4 views

Unsafe Dependency Resolution

Overview neuro-cortex-memory is a Scientifically-grounded memory system based on computational neuroscience research Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the CLAUDEPROJECTDIR environment variable, which is treated as a trusted source directory witho...

8.5CVSS6.2AI score
Exploits0References2
Snyk
Snyk
added 2026/06/26 11:18 p.m.6 views

Unsafe Dependency Resolution

Overview @pnpm/building.policy is a Create a function for filtering out dependencies that are not allowed to be built Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the approval process for dependency sources. An attacker can execute unauthorized code during...

8.8CVSS5.8AI score0.00118EPSS
Exploits1References4
Snyk
Snyk
added 2026/06/18 6:35 p.m.8 views

Unsafe Dependency Resolution

Overview @theia/ai-chat is a Theia - AI Chat Extension Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the automatic loading of .prompts/.prompttemplate files in a workspace. An attacker can manipulate the AI agent's system instructions by introducing crafted...

8.8CVSS6.1AI score0.00272EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/18 6:35 p.m.10 views

Unsafe Dependency Resolution

Overview @theia/ai-claude-code is a Theia - Claude Code Integration Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the automatic loading of .prompts/.prompttemplate files in a workspace. An attacker can manipulate the AI agent's system instructions by...

8.8CVSS6.1AI score0.00272EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/18 6:35 p.m.7 views

Unsafe Dependency Resolution

Overview @theia/task is a Theia - Task extension. This extension adds support for executing raw or terminal processes in the backend. Affected versions of this package are vulnerable to Unsafe Dependency Resolution in the processing of custom task definitions from workspace configuration files. A...

8.8CVSS6.3AI score0.00231EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/18 6:35 p.m.7 views

Unsafe Dependency Resolution

Overview @theia/ai-ide is an AI IDE Agents Extension Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the automatic loading of .prompts/.prompttemplate files in a workspace. An attacker can manipulate the AI agent's system instructions by introducing crafted...

8.8CVSS6.1AI score0.00272EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/18 6:35 p.m.7 views

Unsafe Dependency Resolution

Overview @theia/workspace is a Theia - Workspace Extension Affected versions of this package are vulnerable to Unsafe Dependency Resolution in the processing of custom task definitions from workspace configuration files. An attacker can execute arbitrary commands with the user's privileges by...

8.8CVSS6.3AI score0.00231EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/18 6:35 p.m.7 views

Unsafe Dependency Resolution

Overview @theia/debug is a Theia - Debug Extension Affected versions of this package are vulnerable to Unsafe Dependency Resolution in the processing of custom task definitions from workspace configuration files. An attacker can execute arbitrary commands with the user's privileges by crafting a...

8.8CVSS6.3AI score0.00231EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/18 6:35 p.m.8 views

Unsafe Dependency Resolution

Overview @theia/ai-chat-ui is a Theia - AI Chat UI Extension Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the automatic loading of .prompts/.prompttemplate files in a workspace. An attacker can manipulate the AI agent's system instructions by introducing...

8.8CVSS6.1AI score0.00272EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/18 6:35 p.m.8 views

Unsafe Dependency Resolution

Overview @theia/ai-chat is a Theia - AI Chat Extension Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the processing of workspace file and directory names in the AI chat. An attacker can cause the agent to execute attacker-controlled instructions by introduci...

8.8CVSS6.2AI score0.00272EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/18 6:35 p.m.12 views

Unsafe Dependency Resolution

Overview @theia/ai-ide is an AI IDE Agents Extension Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the processing of workspace file and directory names in the AI chat. An attacker can cause the agent to execute attacker-controlled instructions by introducing...

8.8CVSS6.2AI score0.00272EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/18 6:35 p.m.4 views

Unsafe Dependency Resolution

Overview @theia/ai-editor is a Theia - AI Editor Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the processing of workspace file and directory names in the AI chat. An attacker can cause the agent to execute attacker-controlled instructions by introducing...

8.8CVSS6.2AI score0.00272EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/18 6:35 p.m.6 views

Unsafe Dependency Resolution

Overview @theia/ai-chat-ui is a Theia - AI Chat UI Extension Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the processing of workspace file and directory names in the AI chat. An attacker can cause the agent to execute attacker-controlled instructions by...

8.8CVSS6.2AI score0.00272EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/18 6:35 p.m.6 views

Unsafe Dependency Resolution

Overview @theia/ai-core is a Theia - AI Core Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the processing of workspace file and directory names in the AI chat. An attacker can cause the agent to execute attacker-controlled instructions by introducing special...

8.8CVSS6.2AI score0.00272EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/18 6:35 p.m.8 views

Unsafe Dependency Resolution

Overview @theia/ai-code-completion is a Theia - AI Core Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the processing of workspace file and directory names in the AI chat. An attacker can cause the agent to execute attacker-controlled instructions by...

8.8CVSS6.2AI score0.00272EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/18 6:35 p.m.7 views

Unsafe Dependency Resolution

Overview @theia/ai-claude-code is a Theia - Claude Code Integration Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the processing of workspace file and directory names in the AI chat. An attacker can cause the agent to execute attacker-controlled instructions...

8.8CVSS6.2AI score0.00272EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/11 9:13 p.m.6 views

Unsafe Dependency Resolution

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Unsafe Dependency Resolution via manipulation of the extension metadata process. An attacker can execute arbitrary code by redirecting the loading process toward unscanned package payload...

8.8CVSS6.1AI score0.00419EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/29 10:26 p.m.10 views

Unsafe Dependency Resolution

Overview PraisonAI is a PraisonAI is an AI Agents Framework with Self Reflection. PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...

6.8CVSS6AI score0.00102EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/08 6:46 p.m.18 views

Unsafe Dependency Resolution

Overview electerm is an open-sourced terminal/ssh/telnet/serialport/sftp client Affected versions of this package are vulnerable to Unsafe Dependency Resolution in the handling of protocol URLs or command-line options. An attacker can execute arbitrary local code by enticing a user to click a...

9.6CVSS6.1AI score0.00363EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/08 6:34 p.m.11 views

Unsafe Dependency Resolution

Overview electerm is an open-sourced terminal/ssh/telnet/serialport/sftp client Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the runWidget function. An attacker can achieve arbitrary code execution by supplying crafted input that exploits path traversal to...

9.8CVSS6.3AI score0.00167EPSS
Exploits0References3
Rows per page
Query Builder