GHSA-32VR-5GCF-3PW2 PraisonAI Vulnerable to Remote Code Execution via YAML Deserialization in Agent Definition Loading

Summary The AgentService.loadAgentFromFile method uses the js-yaml library to parse YAML files without disabling dangerous tags such as !!js/function and !!js/undefined. This allows an attacker to craft a malicious YAML file that, when parsed, executes arbitrary JavaScript code. An attacker can...

PraisonAI Vulnerable to Remote Code Execution via YAML Deserialization in Agent Definition Loading

Summary The AgentService.loadAgentFromFile method uses the js-yaml library to parse YAML files without disabling dangerous tags such as !!js/function and !!js/undefined. This allows an attacker to craft a malicious YAML file that, when parsed, executes arbitrary JavaScript code. An attacker can...

CVE-2025-11157

CVE-2025-11157 is a high-severity remote code execution flaw in feast-dev/feast v0.53.0, due to unsafe YAML deserialization in the Kubernetes materializer (feast/sdk/python/feast/infra/compute_engines/kubernetes/main.py) where yaml.load(..., Loader=yaml.Loader) processes /var/feast/feature_store....

CVE-2025-56816

Datart 1.0.0-rc.3 is vulnerable to Directory Traversal. The configuration file handling of the application allows attackers to upload arbitrary YAML files to the config/jdbc-driver-ext.yml path. The application parses this file using SnakeYAML's unsafe load or loadAs method without input...

CVE-2025-56816

Datart 1.0.0-rc.3 is vulnerable to Directory Traversal. The configuration file handling of the application allows attackers to upload arbitrary YAML files to the config/jdbc-driver-ext.yml path. The application parses this file using SnakeYAML's unsafe load or loadAs method without input...

CVE-2025-56816

Datart 1.0.0-rc.3 is vulnerable to Directory Traversal via uploading YAML to config/jdbc-driver-ext.yml, parsed with SnakeYAML unsafe load/loadAs. This allows attacker-controlled YAML deserialization, potentially enabling remote code execution (RCE) under certain conditions. Exploitation details ...

CVE-2024-28423

Airflow-Diagrams v2.1.0 was discovered to contain an arbitrary file upload vulnerability in the unsafeload function at cli.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted YML file...

CVE-2024-28423

Airflow-Diagrams v2.1.0 was discovered to contain an arbitrary file upload vulnerability in the unsafeload function at cli.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted YML file...

PYSEC-2024-263

Airflow-Diagrams v2.1.0 was discovered to contain an arbitrary file upload vulnerability in the unsafeload function at cli.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted YML file...

PT-2024-22426 · Unknown · Airflow-Diagrams

Name of the Vulnerable Software and Affected Versions: Airflow-Diagrams version 2.1.0 Description: The issue is related to an arbitrary file upload vulnerability in the unsafe load function at cli.py. This allows attackers to execute arbitrary code via uploading a crafted YML file. Recommendation...

Airflow-Diagrams Security Vulnerability

airflow-diagrams is a diagramming tool from the individual developer Felix Uellendall. A security vulnerability exists in Airflow-Diagrams version v2.1.0, which stems from the unsafeload function in cli.py containing an arbitrary file upload vulnerability that allows an attacker to execute...

GHSA-297X-2QF3-JRJ3 Unsafe yaml deserialization in llama-hub

The OpenAPI and ChatGPT plugin loaders in LlamaHub aka llama-hub before 0.0.67 allow attackers to execute arbitrary code because safeload is not used for YAML...

activerecord: Possible RCE escalation bug with Serialized Columns in Active Record

An insecure deserialization flaw was found in Active Record, which uses YAML.unsafeload to convert the YAML data into Ruby objects. An attacker supplying crafted data to the database can perform remote code execution RCE, resulting in complete system compromise...

activerecord: Possible RCE escalation bug with Serialized Columns in Active Record

An insecure deserialization flaw was found in Active Record, which uses YAML.unsafeload to convert the YAML data into Ruby objects. An attacker supplying crafted data to the database can perform remote code execution RCE, resulting in complete system compromise...

Rails 代码问题漏洞

Rails is a set of open source web application frameworks based on the Ruby language by the American Rails team. Rails has a security vulnerability that stems from the fact that when serialized columns using YAML the default are deserialized, Rails uses YAML.unsafeload to transform the YAML data...

Remote Code Execution (RCE)

Overview activerecord is a library for databases on Rails. Affected versions of this package are vulnerable to Remote Code Execution RCE. When serialized columns that use YAML the default are deserialized, Rails uses YAML.unsafeload to convert the YAML data in to Ruby objects. If an attacker can...

PT-2021-21796 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.6.0 TensorFlow versions 2.5.1 and earlier TensorFlow versions 2.4.3 and earlier TensorFlow versions 2.3.4 and earlier Description: TensorFlow and Keras can be tricked to perform arbitrary code execution when...

CVE-2021-23338

This affects all versions of package qlib. The workflow function in cli part of qlib was using an unsafe YAML load function...

PYSEC-2021-86

This affects all versions of package qlib. The workflow function in cli part of qlib was using an unsafe YAML load function...

Arbitrary Code Execution

Overview infraserver is a data server Affected versions of this package are vulnerable to Arbitrary Code Execution due to the default usage of the function load of the package js-yaml instead of its secure replacement , safeLoad. Remediation There is no fixed version for infraserver. References -...