Lucene search
+L

10 matches found

osv
osv
added 2026/07/02 12:34 p.m.3 views

CVE-2026-58653 PraisonAI - Authorization Bypass via Unvalidated project_id in Issue Create/Update

PraisonAI before 0.1.7 fails to validate that projectid in issue create and update request bodies belongs to the URL workspace. An attacker can create issues referencing projects from other workspaces, causing cross-tenant data pollution in project statistics aggregation without workspace...

5.3CVSS6AI score0.00158EPSS
Exploits0References4
osv
osv
added 2026/06/18 2:48 p.m.6 views

GHSA-2FJJ-QQG8-FG7X praisonai-platform: Authorization Bypass Through User-Controlled Key

Summary The issue create and update endpoints in praisonai-platform accept a projectid in the request body and persist it without validating that the project belongs to the URL workspace. A user who is a member of workspace WB and has no access to workspace WA can create issues that reference a...

4.3CVSS5.5AI score0.00158EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/09 4:35 p.m.36 views

CVE-2026-49958 Hermes WebUI < 0.51.303 TOCTOU Race Condition via git_discard

Hermes WebUI before version 0.51.303 contains a time-of-check time-of-use TOCTOU race condition vulnerability in the gitdiscard function within api/workspacegit.py that allows attackers to delete files outside the configured workspace boundary by replacing a validated path component with a symlin...

5CVSS0.00081EPSS
Exploits0References5
osv
osv
added 2026/06/01 2:24 p.m.8 views

GHSA-XWQ8-FRCG-77Q8 praisonai-platform: Issue endpoints accept any issue_id without workspace ownership check, cross-workspace read/update/delete IDOR

Summary Type: Insecure Direct Object Reference. The issue CRUD endpoints GET / PATCH / DELETE /workspaces/workspaceid/issues/issueid gate access on requireworkspacememberworkspaceid only, then resolve issueid through IssueService.getissueid which is a primary-key lookup with no workspace...

8.3CVSS5.8AI score0.00043EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/01 12:0 a.m.20 views

PT-2026-45488

Name of the Vulnerable Software and Affected Versions praisonai-platform affected versions not specified Description An Insecure Direct Object Reference IDOR exists in the comment endpoints. The system verifies if a user is a member of a workspace but fails to verify if the requested issue belong...

8.1CVSS6.1AI score0.00032EPSS
Exploits0References7
github
github
added 2026/05/29 10:34 p.m.33 views

praisonai-platform: list_issue_activity returns activity log for any issue regardless of workspace ownership

Summary Type: Insecure Direct Object Reference. The GET /workspaces/workspaceid/issues/issueid/activity endpoint is gated by requireworkspacememberworkspaceid and dispatches to ActivityService.listforissueissueid, which executes SELECT FROM activity WHERE issueid = :issueid with no workspace...

5.8AI score0.00032EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2026/04/09 10:16 p.m.7 views

CVE-2026-40152

PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, he listfiles tool in FileTools validates the directory parameter against workspace boundaries via validatepath, but passes the pattern parameter directly to Path.glob without any validation. Since Python's Path.glob supports .. path...

5.3CVSS0.00311EPSS
Exploits1References1
euvd
euvd
added 2026/04/09 5:1 p.m.4 views

EUVD-2026-20974

AGiXT is a dynamic AI Agent Automation Platform. Prior to 1.9.2, the safejoin function in the essentialabilities extension fails to validate that resolved file paths remain within the designated agent workspace. An authenticated attacker can use directory traversal sequences to read, write, or...

8.8CVSS6AI score0.01318EPSS
Exploits1References3
github
github
added 2026/04/08 8:2 p.m.8 views

AGiXT Vulnerable to Path Traversal in safe_join()

Summary The safejoin function in the essentialabilities extension fails to validate that resolved file paths remain within the designated agent workspace. An authenticated attacker can use directory traversal sequences to read, write, or delete arbitrary files on the server hosting the AGiXT...

8.8CVSS6.1AI score0.01318EPSS
Exploits1References5Affected Software1
ptsecurity
ptsecurity
added 2026/02/04 12:0 a.m.4 views

PT-2026-6272

Name of the Vulnerable Software and Affected Versions melange versions 0.14.0 through 0.40.2 Description melange allows users to build apk packages using declarative pipelines. An attacker who can influence a melange configuration file could read arbitrary files from the host system. The...

5.5CVSS5.7AI score0.00168EPSS
Exploits0References12
Rows per page
Query Builder