4 matches found
EUVD-2026-42900
PraisonAI pip package praisonaiagents before 1.6.78 contains an unsafe dynamic module loading vulnerability in AgentFlow.resolvepydanticclass src/praisonai-agents/praisonaiagents/workflows/workflows.py. When a workflow step uses a string outputpydantic reference, the framework locates and imports...
Malicious code in actions-workflow-tools (npm)
The package actions-workflow-tools was found to contain malicious code...
MAL-2025-14042 Malicious code in actions-workflow-tools (npm)
The package actions-workflow-tools was found to contain malicious code...
Malicious Package
Overview actions-workflow-tools is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...