
8 matches found

EUVD
added 2026/06/09 1:23 p.m. | 9 views

EUVD-2026-35436

The Electron preload script in Logseq exposes an API method that allows the renderer process to invoke IPC handlers without proper path validation. An attacker with JavaScript execution in the renderer, e.g. via XSS or a malicious plugin, can read, write, or delete arbitrary files on the user's...

8.7 CVSS | 5.8 AI score | 0.0027 EPSS
Exploits: 0 | References: 2
Cvelist
added 2026/04/03 10:50 p.m. | 18 views

CVE-2026-34936 PraisonAI: SSRF via Unvalidated api_base in passthrough() Fallback

PraisonAI is a multi-agent teams system. Prior to version 4.5.90, passthrough and apassthrough in praisonai accept a caller-controlled api_base parameter that is concatenated with endpoint and passed directly to httpx.Client.request when the litellm primary path raises AttributeError. No URL schem...

7.7 CVSS | 0.00337 EPSS
Exploits: 1 | References: 1
Snyk
added 2026/04/01 11:21 p.m. | 3 views

Server-side Request Forgery (SSRF)

Overview: PraisonAI is an AI Agents Framework with Self Reflection. The PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...

8.5 CVSS | 5.9 AI score | 0.00337 EPSS
Exploits: 1 | References: 2
OSV
added 2026/04/01 11:21 p.m. | 3 views

GHSA-X6M9-GXVR-7JPV PraisonAI: SSRF via Unvalidated api_base in passthrough() Fallback

Summary: passthrough and apassthrough in praisonai accept a caller-controlled api_base parameter that is concatenated with endpoint and passed directly to httpx.Client.request when the litellm primary path raises AttributeError. No URL scheme validation, private IP filtering, or domain allowlist is...

7.7 CVSS | 5.9 AI score | 0.00337 EPSS
Exploits: 1 | References: 3
CNNVD
added 2026/02/04 12:0 a.m. | 6 views

Apache Answer security vulnerability

Apache Answer is a community platform of the Apache Foundation in the United States. Versions of Apache Answer prior to 1.7.1 contained security vulnerabilities. These vulnerabilities stemmed from unvalidated API endpoints that exposed the complete revision history of deleted content, potentially...

7.5 CVSS | 5.8 AI score | 0.00619 EPSS
Exploits: 0 | References: 3
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2010-0745

Malware in sbrugna...

4.7 CVSS | 6.4 AI score | 0.01836 EPSS
Exploits: 0 | References: 6
EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2021-2884

Malicious code in bioql PyPI...

10 CVSS | 8.1 AI score | 0.02546 EPSS
Exploits: 0 | References: 1
CNNVD
added 2022/01/10 12:0 a.m. | 5 views

Ultimaker 3D printer cross-site request forgery vulnerability

The Ultimaker 3D printer is a series of powerful, professional 3D printers from the Dutch company Ultimaker. A security vulnerability exists in the Ultimaker 3D printer that originates from local web servers hosting APIs that are vulnerable to CSRF attacks. They do not validate incoming requests...

8.8 CVSS | 7.9 AI score | 0.00529 EPSS
Exploits: 0 | References: 5