1393 matches found
Improper neutralization of specific syntax patterns for unauthorized expressions in Thymeleaf
Impact A security bypass vulnerability exists in the expression execution mechanisms of Thymeleaf up to and including 3.1.3.RELEASE. Although the library provides mechanisms to prevent expression injection, it fails to properly neutralize specific syntax patterns that allow for the execution of...
Improper restriction of the scope of accessible objects in Thymeleaf expressions
Impact A security bypass vulnerability exists in the expression execution mechanisms of Thymeleaf up to and including 3.1.3.RELEASE. Although the library provides mechanisms to prevent expression injection, it fails to properly restrict the scope of accessible objects, allowing specific potential...
PT-2026-33215
Name of the Vulnerable Software and Affected Versions Thymeleaf versions prior to 3.1.4.RELEASE Description A security bypass exists in the expression execution mechanisms. The library fails to properly neutralize specific syntax patterns, which allows for the execution of unauthorized expression...
PraisonAI Vulnerable to Server-Side Request Forgery via Unvalidated webhook_url in Jobs API
Summary The /api/v1/runs endpoint accepts an arbitrary webhookurl in the request body with no URL validation. When a submitted job completes success or failure, the server makes an HTTP POST request to this URL using httpx.AsyncClient. An unauthenticated attacker can use this to make the server...
GHSA-8FRJ-8Q3M-XHGM PraisonAI Vulnerable to Server-Side Request Forgery via Unvalidated webhook_url in Jobs API
Summary The /api/v1/runs endpoint accepts an arbitrary webhookurl in the request body with no URL validation. When a submitted job completes success or failure, the server makes an HTTP POST request to this URL using httpx.AsyncClient. An unauthenticated attacker can use this to make the server...
GHSA-7J2F-XC8P-FJMQ PraisonAIAgents: Path Traversal via Unvalidated Glob Pattern in list_files Bypasses Workspace Boundary
Summary The listfiles tool in FileTools validates the directory parameter against workspace boundaries via validatepath, but passes the pattern parameter directly to Path.glob without any validation. Since Python's Path.glob supports .. path segments, an attacker can use relative path traversal i...
PT-2026-33210
Name of the Vulnerable Software and Affected Versions SiYuan versions prior to 3.6.4 Description The '/api/av/removeUnusedAttributeView' endpoint constructs a filesystem path using the user-controlled id parameter without validation or path boundary enforcement. This allows an attacker to inject...
FastGPT 代码问题漏洞
FastGPT is an open-source knowledge base question-answering system based on large language models, developed by Labring. Versions of FastGPT prior to 4.14.10.3 contained code vulnerabilities. These vulnerabilities stemmed from the unvalidated acceptance of any URL via the...
CVE-2026-40114 PraisonAI has Server-Side Request Forgery via Unvalidated webhook_url in Jobs API
PraisonAI is a multi-agent teams system. Prior to 4.5.128, the /api/v1/runs endpoint accepts an arbitrary webhookurl in the request body with no URL validation. When a submitted job completes success or failure, the server makes an HTTP POST request to this URL using httpx.AsyncClient. An...
EUVD-2025-209390
A Reflected Cross-Site Scripting XSS affects LimeSurvey versions prior to 6.15.11+250909, due to the lack of validation of gid parameter in getInstance function in application/models/QuestionCreate.php. This allows an attacker to craft a malicious URL and compromise the logged in user...
CVE-2026-39394
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to 0.31.4.0, the Install::index controller reads the host POST parameter without any validation and passes it directly into updateEnvSettings, which...
CVE-2026-31040
A vulnerability was identified in stata-mcp prior to v1.13.0 where insufficient validation of user-supplied Stata do-file content can lead to command execution...
EUVD-2026-19814
Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects malicious SSH...
CVE-2026-35475
WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, the redirect parameter is taken directly from $GET with no URL validation or whitelist check, then used verbatim in a header"Location: ..." call. This vulnerability is fixed in 3.6.9...
CVE-2026-35474 WeGIA - Open Redirect - atualizacao redirection - Unvalidated $_GET['redirect']
WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, open redirect has been found in WeGIA webapp. The redirect parameter is taken directly from $GET with no URL validation or whitelist check, then used verbatim in a header"Location: ..." call. This vulnerability is fixed in 3.6.9...
CVE-2026-35473 WeGIA - Open Redirect - IentradaControle - listarId() - Unvalidated $_GET['nextPage']
WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarId and nomeClasse=IentradaControle. T...
CVE-2026-35472 WeGIA - Open Redirect - EstoqueControle - listarTodos() - Unvalidated $_GET['nextPage']
WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos and nomeClasse=EstoqueControle...
VulnCheck KEV: CVE-2025-59528
Flowise is a drag & drop user interface to build a customized large language model flow. In version 3.0.5, Flowise is vulnerable to remote code execution. The CustomMCP node allows users to input configuration settings for connecting to an external MCP server. This node parses the user-provided...
CVE-2026-34935
PraisonAI is a multi-agent teams system. From version 4.5.15 to before version 4.5.69, the --mcp CLI argument is passed directly to shlex.split and forwarded through the call chain to anyio.openprocess with no validation, allowlist check, or sanitization at any hop, allowing arbitrary OS command...
CVE-2026-34939
PraisonAI is vulnerable to a Regular Expression Denial of Service (ReDoS) through MCPToolIndex.search_tools(), where the function compiles a caller-supplied string directly into a Python regex with no validation or timeout. A crafted pattern can trigger catastrophic backtracking, blocking the Pyt...