19 matches found
EUVD-2026-37289
LangGraph SDK has unsafe URL path construction...
Improper Access Control
LangGraph Python SDK is vulnerable to Improper Access Control. The vulnerability is due to unsafe URL path construction using unsanitized user-supplied identifiers, where special characters in identifier values can alter the intended request path and target unintended resources, allowing attacker...
CVE-2026-56078 PraisonAI - Arbitrary File Read and Write via Path Traversal in MultiAgentMonitor
PraisonAI before 1.5.115 contains a path traversal vulnerability in MultiAgentMonitor that fails to sanitize agent IDs when building file paths. Attackers can include traversal sequences like ../ in agent IDs to read, write, or overwrite arbitrary files, enabling sensitive disclosure, denial of...
CVE-2026-48776
CVE-2026-48776 affects LangGraph Python SDK (versions up to 0.3.14) and describes unsafe URL path construction from unsanitized caller-supplied identifiers in HTTP request paths. This can cause requests to target a different resource or resource type, enabling unintended access, modification, or ...
CVE-2026-48776 LangGraph SDK has unsafe URL path construction
LangGraph Python SDK is used to connect to running LangGraph API servers, manage assistants, threads and stream runs from Python applications. Versions 0.3.14 and prior have unsafe URL path construction through unsanitized caller-supplied identifier values used in HTTP request paths for resource...
PT-2026-50078
Name of the Vulnerable Software and Affected Versions LangGraph Python SDK versions prior to 0.3.15 Description Unsafe URL path construction occurs due to unsanitized caller-supplied identifier values used in HTTP request paths for resource operations. Identifiers containing characters with speci...
CVE-2026-46486 Mobile Verification Toolkit (MVT): Path Traversal via unsanitized File identifiers in iOS Backup processing
MVT Mobile Verification Toolkit helps with conducting forensics of mobile devices in order to find signs of a potential compromise. Prior to version 2026.5.12, there is a path traversal vulnerability via unsanitized File identifiers in iOS Backup processing. This issue has been patched in version...
CVE-2026-39399
NuGet Gallery is a package repository that powers nuget.org. A security vulnerability exists in the NuGetGallery backend job’s handling of .nuspec files within NuGet packages. An attacker can supply a crafted nuspec file with malicious metadata, leading to cross package metadata injection that ma...
EUVD-2026-31311
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in tables.php where the multiple POST parameters tablename, indexname, sortby are concatenated into table/column identifiers in dynamically constructed SELECT/UPDATE/DELETE statements without sanitization. Authenticated...
GHSA-XP6R-8PCC-XV5P BillaBear is Vulnerable to SQL Injection in the EventRepository
BillaBear all versions prior to Jan 2026 contains a SQL Injection vulnerability in the EventRepository. User-controlled input from metric filter names and aggregation properties is directly interpolated into SQL queries using sprintf without proper sanitization or identifier quoting. Although...
Filter Expression Injection
Spring AI is vulnerable to Filter Expression Injection. The vulnerability is due to insufficient sanitization of document IDs in MilvusVectorStoredoDeleteList, where attacker-controlled IDs are incorporated into Milvus filter expressions, allowing injection of malicious query conditions that can...
SQL Injection
Focalboard is vulnerable to SQL Injection. The vulnerability is due to improper sanitization of category IDs before they are incorporated into dynamic SQL statements, which allows an attacker to inject malicious SQL that is later executed and used to extract sensitive data from the database...
EUVD-2026-28875
Spring AI's MilvusVectorStoredoDeleteList implementation is vulnerable to filter-expression injection via unsanitized document IDs. Spring AI 1.0.x: affected from 1.0.0 through latest 1.0.x; upgrade to 1.0.7 or greater. Spring AI 1.1.x: affected from 1.1.0 through latest 1.1.x; upgrade to 1.1.6 o...
PT-2026-39225
Name of the Vulnerable Software and Affected Versions Spring AI versions 1.0.0 through 1.0.6 Spring AI versions 1.1.0 through 1.1.5 Description The doDeleteList function in the MilvusVectorStore implementation is susceptible to filter-expression injection. This occurs because document IDs are not...
CVE-2026-33648 AVideo Vulnerable to OS Command Injection via Unsanitized `users_id` and `liveTransmitionHistory_id` in Restreamer Log File Path
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the restreamer endpoint constructs a log file path by embedding user-controlled usersid and liveTransmitionHistoryid values from the JSON request body without any sanitization. This log file path is then...
CVE-2026-0603
A flaw was found in Hibernate. A remote attacker with low privileges could exploit a second-order SQL injection vulnerability by providing specially crafted, unsanitized non-alphanumeric characters in the ID column when the InlineIdsOrClauseBuilder is used. This could lead to sensitive informatio...
SQL Injection
Overview sonnixgres is an A production-ready Python library for PostgreSQL database interactions with connection pooling, query caching, and rich console output. Affected versions of this package are vulnerable to SQL Injection due to inadequate sanitization of SQL identifiers in...
PT-2023-32168 · Moodle +8 · Moodle +3
Name of the Vulnerable Software and Affected Versions: Software affected versions not specified Description: The issue concerns a stored XSS risk in the quiz grading report, where ID numbers were not properly sanitized. This could potentially allow for malicious script execution. Recommendations:...
SUSE CVE-2022-23949
In Keylime before 6.3.0, unsanitized UUIDs can be passed by a rogue agent and can lead to log spoofing on the verifier and registrar...