Lucene search
K
GithubRecent

33225 matches found

Github Security Blog
Github Security Blog
added 2026/04/16 10:34 p.m.17 views

Arbitrary code execution in protobufjs

Summary protobufjs could execute generated JavaScript code derived from protobuf schema metadata. When loading a crafted JSON descriptor, schema-controlled type names and type references could reach runtime code generation without sufficient validation. Impact An attacker who can provide a...

9.8CVSS6.3AI score0.00745EPSS
Exploits1References7Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 10:34 p.m.8 views

@fastify/static vulnerable to path traversal in directory listing

Impact @fastify/static v9.1.0 and earlier serves directory listings outside the configured static root when the list option is enabled. A request such as /public/../outside/ causes dirList.path to resolve a directory outside the root via path.join without a containment check. A remote...

5.3CVSS6AI score0.00506EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 10:34 p.m.6 views

@fastify/static vulnerable to route guard bypass via encoded path separators

Impact @fastify/static v9.1.0 and earlier decodes percent-encoded path separators %2F before filesystem resolution, but Fastify's router treats them as literal characters. This creates a routing mismatch: route guards on /admin/ do not match /admin%2Fsecret.html, but @fastify/static decodes it to...

5.9CVSS5.8AI score0.00398EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 10:29 p.m.6 views

@fastify/middie vulnerable to middleware authentication bypass in child plugin scopes

Impact @fastify/middie v9.3.1 and earlier incorrectly re-prefixes middleware paths when propagating them to child plugin scopes. When a child plugin is registered with a prefix that overlaps with a parent-scoped middleware path, the middleware path is modified during inheritance and silently fail...

9.1CVSS5.8AI score0.00498EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 10:28 p.m.8 views

@fastify/middie vulnerable to middleware bypass via deprecated ignoreDuplicateSlashes option

Impact @fastify/middie v9.3.1 and earlier does not read the deprecated but still functional top-level ignoreDuplicateSlashes option, only reading from routerOptions. This creates a normalization gap: Fastify's router normalizes duplicate slashes but middie does not, allowing middleware bypass via...

9.1CVSS5.8AI score0.00278EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:55 p.m.9 views

Flowise: resetPassword Authentication Bypass Vulnerability

ZDI-CAN-28762: Flowise AccountService resetPassword Authentication Bypass Vulnerability -- ABSTRACT ------------------------------------- Trend Micro's Zero Day Initiative has identified a vulnerability affecting the following products: Flowise - Flowise -- VULNERABILITY DETAILS...

9.8CVSS5.9AI score0.0687EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:54 p.m.9 views

Flowise: Cypher Injection in GraphCypherQAChain

Summary The GraphCypherQAChain node forwards user-provided input directly into the Cypher query execution pipeline without proper sanitization. An attacker can inject arbitrary Cypher commands that are executed on the underlying Neo4j database, enabling data exfiltration, modification, or deletio...

9.8CVSS6.2AI score0.00504EPSS
Exploits1References3Affected Software2
Github Security Blog
Github Security Blog
added 2026/04/16 9:53 p.m.8 views

Flowise: Password Reset Link Sent Over Unsecured HTTP

Summary: The password reset functionality on cloud.flowiseai.com sends a reset password link over the unsecured HTTP protocol instead of HTTPS. This behavior introduces the risk of a man-in-the-middle MITM attack, where an attacker on the same network as the user e.g., public Wi-Fi can intercept...

7.5CVSS5.8AI score0.00192EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:52 p.m.24 views

Flowise: Unauthenticated OAuth 2.0 Access Token Disclosure via Public Chatflow in Flowise

Summary Flowise contains an authentication bypass vulnerability that allows an unauthenticated attacker to obtain OAuth 2.0 access tokens associated with a public chatflow. By accessing a public chatflow configuration endpoint, an attacker can retrieve internal workflow data, including OAuth...

8.2CVSS5.8AI score0.00308EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:52 p.m.10 views

Flowise: APIChain Prompt Injection SSRF in GET/POST API Chains

Summary A Server-Side Request Forgery SSRF vulnerability exists in FlowiseAI's POST/GET API Chain components that allows unauthenticated attackers to force the server to make arbitrary HTTP requests to internal and external systems. By injecting malicious prompt templates, attackers can bypass th...

8.3CVSS6AI score0.00233EPSS
Exploits1References3Affected Software2
Github Security Blog
Github Security Blog
added 2026/04/16 9:51 p.m.9 views

Flowise: SSRF Protection Bypass (TOCTOU & Default Insecure)

Summary The core security wrappers secureAxiosRequest and secureFetch intended to prevent Server-Side Request Forgery SSRF contain multiple logic flaws. These flaws allow attackers to bypass the allow/deny lists via DNS Rebinding Time-of-Check Time-of-Use or by exploiting the default configuratio...

7.1CVSS5.8AI score0.00232EPSS
Exploits1References3Affected Software2
Github Security Blog
Github Security Blog
added 2026/04/16 9:50 p.m.7 views

Flowise: SSRF Protection Bypass via Unprotected Built-in HTTP Modules in Custom Function Sandbox

Summary A Server-Side Request Forgery SSRF protection bypass vulnerability exists in the Custom Function feature. While the application implements SSRF protection via HTTPDENYLIST for axios and node-fetch libraries, the built-in Node.js http, https, and net modules are allowed in the NodeVM sandb...

8.3CVSS6AI score0.00234EPSS
Exploits1References3Affected Software2
Github Security Blog
Github Security Blog
added 2026/04/16 9:49 p.m.16 views

Flowise: File Upload Validation Bypass in createAttachment

Summary In FlowiseAI, the Chatflow configuration file upload settings can be modified to allow the application/javascript MIME type. This lets an attacker upload .js files even though the frontend doesn’t normally allow JavaScript uploads. This enables attackers to persistently store malicious...

8.8CVSS5.9AI score0.10036EPSS
Exploits3References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:46 p.m.7 views

Flowise: Parameter Override Bypass Remote Command Execution

Summary Flowise is vulnerable to a critical unauthenticated remote command execution RCE vulnerability. It can be exploited via a parameter override bypass using the FILE-STORAGE:: keyword combined with a NODEOPTIONS environment variable injection. This allows for the execution of arbitrary syste...

9.8CVSS6.4AI score0.13789EPSS
Exploits1References3Affected Software2
Github Security Blog
Github Security Blog
added 2026/04/16 9:44 p.m.6 views

Flowise: Sensitive Data Leak in public-chatbotConfig

Summary /api/v1/public-chatbotConfig/:id ep exposes sensitive data including API keys, HTTP authorization headers and internal configuration without any authentication. An attacker with knowledge just of a chatflow UUID can retrieve credentials stored in password type fields and HTTP headers,...

7.7CVSS5.8AI score0.00346EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:44 p.m.12 views

Flowise: Improper Mass Assignment in Account Registration Enables Unauthorized Organization Association

Summary An improper mass assignment JSON injection vulnerability in the account registration endpoint of Flowise Cloud allows unauthenticated attackers to inject server-managed fields and nested objects during account creation. This enables client-controlled manipulation of ownership metadata,...

9.8CVSS5.8AI score0.00334EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:44 p.m.11 views

Flowise: Code Injection in CSVAgent leads to Authenticated RCE

Summary The CSVAgent allows providing a custom Pandas CSV read code. Due to lack of sanitization, an attacker can provide the following payload: DataFrame'foo': 'bar!';import os;os.system'whoami' that will get interpolated and executed by the server. Details The code in question that introduces t...

9.4CVSS6.1AI score0.0145EPSS
Exploits1References3Affected Software2
Github Security Blog
Github Security Blog
added 2026/04/16 9:43 p.m.6 views

Flowise: Remote code execution vulnerability in AirtableAgent.ts caused by lack of input verification when using `Pandas`.

Description Summary “AirtableAgent” is an agent function provided by FlowiseAI that retrieves search results by accessing private datasets from airtable.com. “AirtableAgent” uses Python, along with Pyodide and Pandas, to get and return results. The user’s input is directly applied to the question...

8.8CVSS6.6AI score0.00603EPSS
Exploits1References3Affected Software2
Github Security Blog
Github Security Blog
added 2026/04/16 9:38 p.m.53 views

Istio: SSRF via RequestAuthentication jwksUri

Impact When a RequestAuthentication resource is created with a jwksUri pointing to an internal service, istiod makes an unauthenticated HTTP GET request to that URL without filtering out localhost or link local ips. This can result in sensitive data being distributed to Envoy proxies via xDS...

7.7CVSS5.8AI score0.00329EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:37 p.m.10 views

basic-ftp vulnerable to denial of service via unbounded memory consumption in Client.list()

Summary [email protected] is vulnerable to denial of service through unbounded memory growth while processing directory listings from a remote FTP server. A malicious or compromised server can send an extremely large or never-ending listing response to Client.list, causing the client process to...

7.5CVSS6.2AI score0.00332EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:37 p.m.6 views

Kyverno apiCall automatically forwards ServiceAccount token to external endpoints (credential leak)

Summary Kyverno's apiCall service mode automatically attaches the admission controller's ServiceAccount SA token to outbound HTTP requests. This results in unintended credential exposure when requests are sent to external or attacker-controlled endpoints. The behavior is insecure-by-default and n...

5.9AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:36 p.m.10 views

Kyverno: ServiceAccount token leaked to external servers via apiCall service URL

Summary Kyverno's apiCall feature in ClusterPolicy automatically attaches the admission controller's ServiceAccount token to outgoing HTTP requests. The service URL has no validation — it can point anywhere, including attacker-controlled servers. Since the admission controller SA has permissions ...

9.1CVSS5.8AI score0.0056EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:35 p.m.10 views

Kyverno: Cross-Namespace Read Bypasses RBAC Isolation (CVE-2026-22039 Incomplete Fix)

Summary CVE-2026-22039 fixed cross-namespace privilege escalation in Kyverno's apiCall context by validating the URLPath field. However, the ConfigMap context loader has the identical vulnerability — the configMap.namespace field accepts any namespace with zero validation, allowing a namespace...

9.9CVSS5.8AI score0.00516EPSS
Exploits2References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:34 p.m.8 views

Unauthenticated Information Disclosure (IDOR) via Multisite switch_to_blog in My Calendar

Summary An unauthenticated Insecure Direct Object Reference IDOR and Denial of Service DoS vulnerability in the My Calendar plugin allows any unauthenticated user to extract calendar events including private or hidden ones from any sub-site on a WordPress Multisite network. On standard Single Sit...

8.8CVSS5.8AI score0.00932EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:31 p.m.10 views

OmniFaces: EL injection via crafted resource name in wildcard CDN mapping

Impact Server-side EL injection leading to Remote Code Execution RCE. Affects applications that use CDNResourceHandler with a wildcard CDN mapping e.g. libraryName:=https://cdn.example.com/. An attacker can craft a resource request URL containing an EL expression in the resource name, which is...

8.1CVSS5.9AI score0.00382EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:30 p.m.8 views

pypdf: Manipulated FlateDecode image dimensions can exhaust RAM

Impact An attacker who uses this vulnerability can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using /FlateDecode with large size values. Patches This has been fixed in pypdf==6.10.2. Workarounds If you cannot upgrade yet, consider applying the changes fro...

6.5CVSS5.7AI score0.00226EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:30 p.m.10 views

pypdf: Possible long runtimes for wrong size values in incremental mode

Impact An attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires loading a PDF with a large trailer /Size value in incremental mode. Patches This has been fixed in pypdf==6.10.2. Workarounds If you cannot upgrade yet, consider applying the changes from PR...

6.5CVSS5.7AI score0.00214EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:30 p.m.12 views

pypdf: Manipulated FlateDecode predictor parameters can exhaust RAM

Impact An attacker who uses this vulnerability can craft a PDF which leads to the RAM being exhausted. This requires accessing a stream compressed using /FlateDecode with a /Predictor unequal 1 and large predictor parameters. Patches This has been fixed in pypdf==6.10.2. Workarounds If you cannot...

6.5CVSS5.7AI score0.00226EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:28 p.m.9 views

ACME Lego: Arbitrary File Write via Path Traversal in Webroot HTTP-01 Provider

Summary The webroot HTTP-01 challenge provider in lego is vulnerable to arbitrary file write and deletion via path traversal. A malicious ACME server can supply a crafted challenge token containing ../ sequences, causing lego to write attacker-influenced content to any path writable by the lego...

8.8CVSS6.5AI score0.0034EPSS
Exploits0References3Affected Software3
Github Security Blog
Github Security Blog
added 2026/04/16 9:28 p.m.6 views

Home Assistant Command-line Interface: Handling of user-supplied Jinja2 templates

Impact Up to 1.0.0 of home-assitant-cli or hass-cli for short an unrestricted environment was used to handle Jninja2 templates instead of a sandboxed one. The user-supplied input within Jinja2 templates was rendered locally with no restrictions. This gave users access to Python's internals and...

5.6CVSS6.3AI score0.00103EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:28 p.m.13 views

Official Clerk JavaScript SDKs: Middleware-based route protection bypass

Summary createRouteMatcher in @clerk/nextjs, @clerk/nuxt, and @clerk/astro can be bypassed by certain crafted requests, allowing them to skip middleware gating and reach downstream handlers. Sessions are not compromised and no existing user can be impersonated - the bypass only affects the...

9.1CVSS5.8AI score0.00323EPSS
Exploits0References3Affected Software4
Github Security Blog
Github Security Blog
added 2026/04/16 9:25 p.m.8 views

Statamic: Unsafe method invocation via query value resolution allows data destruction

Impact Manipulating query parameters on Control Panel and REST API endpoints, or arguments in GraphQL queries, could result in the loss of content, assets, and user accounts. The Control Panel requires authentication with minimal permissions in order to exploit. e.g. "view entries" permission to...

8.1CVSS5.7AI score0.00304EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:25 p.m.10 views

WWBN AVideo: RCE cause by clonesite plugin

Description Summary The cloneServer.json.php endpoint in the CloneSite plugin constructs shell commands using user-controlled input url parameter without proper sanitization. The input is directly concatenated into a wget command executed via exec, allowing command injection. An attacker can inje...

9.8CVSS6.2AI score0.02221EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:24 p.m.9 views

electerm: electerm_install_script_CommandInjection Vulnerability Report

Impact What kind of vulnerability is it? Who is impacted? Command Injection vulnerabilities in electerm: A command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:150. The runMac function appends attacker-controlled remote releaseInfo.name directly into an exec"open...

9.8CVSS5.9AI score0.01572EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:23 p.m.9 views

Flowise Execute Flow function has an SSRF vulnerability

Summary The attacker provides an intranet address through the base url field configured in the Execute Flow node → Bypass checkDenyList / resolveAndValidate in httpSecurity.ts not called → Causes the server to initiate an HTTP request to any internal network address, read cloud metadata, or detec...

5.8AI score
Exploits0References2Affected Software2
Github Security Blog
Github Security Blog
added 2026/04/16 9:23 p.m.15 views

Flowise: SSRF Protection Bypass via Direct node-fetch / axios Usage (Patch Enforcement Failure)

Summary Flowise introduced SSRF protections through a centralized HTTP security wrapper httpSecurity.ts that implements deny-list validation and IP pinning logic. However, multiple tool implementations directly import and invoke raw HTTP clients node-fetch, axiosInstead of using the secured...

9.8CVSS5.9AI score0.00396EPSS
Exploits1References3Affected Software2
Github Security Blog
Github Security Blog
added 2026/04/16 9:22 p.m.5 views

Flowise: Path Traversal in Vector Store basePath

Summary The Faiss and SimpleStore LlamaIndex vector store implementations accept a basePath parameter from user-controlled input and pass it directly to filesystem write operations without any sanitization. An authenticated attacker can exploit this to write vector store data to arbitrary locatio...

6AI score
Exploits0References2Affected Software2
Github Security Blog
Github Security Blog
added 2026/04/16 9:22 p.m.7 views

Flowise: Weak Default Token Hash Secret

Detection Method: Kolega.dev Deep Code Scan | Attribute | Value | |---|---| | Location | packages/server/src/enterprise/utils/tempTokenUtils.ts:31-34 | | Practical Exploitability | Medium | | Developer Approver | [email protected] | Description The encryption key for token encryption has a weak...

4.6CVSS5.9AI score0.00093EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:22 p.m.4 views

Flowise: Weak Default Express Session Secret

Detection Method: Kolega.dev Deep Code Scan | Attribute | Value | |---|---| | Location | packages/server/src/enterprise/middleware/passport/index.ts:55 | | Practical Exploitability | High | | Developer Approver | [email protected] | Description Express session secret has a weak default value...

6AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:21 p.m.9 views

Flowise: Weak Default JWT Secrets

Detection Method: Kolega.dev Deep Code Scan | Attribute | Value | |---|---| | Severity | Critical | | Location | packages/server/src/enterprise/middleware/passport/index.ts:29-34 | | Practical Exploitability | High | | Developer Approver | [email protected] | Description JWT secrets have weak...

5.8AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:20 p.m.11 views

Flowise: Unauthenticated Information Disclosure of OAuth Secrets (Cleartext) via GET Request

Summary I have discovered a critical Missing Authentication vulnerability on the /api/v1/loginmethod endpoint. The API allows unauthenticated users guests to retrieve the full SSO configuration of any organization by simply providing an organizationId. The response includes sensitive OAuth...

8.7CVSS5.9AI score0.00383EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:19 p.m.10 views

OpenClaw: TOCTOU read in exec script preflight

Summary OpenClaw's exec script preflight validator previously validated and then read a script by mutable pathname. A local race could swap the path between validation and read, causing preflight analysis to inspect a different file identity than the one that passed the workspace boundary check...

2.5CVSS6AI score0.00079EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:18 p.m.10 views

Flowise: Authenticated RCE Via MCP Adapters

Summary Due to unsafe serialization of stdio commands in the MCP adapter, an authenticated attacker can add an MCP stdio server with an arbitrary command, achieving command execution. Details The vulnerability lies in a bug in the input sanitization from the “Custom MCP” configuration in...

9.9CVSS6.5AI score0.01987EPSS
Exploits1References4Affected Software2
Github Security Blog
Github Security Blog
added 2026/04/16 9:17 p.m.6 views

webpki: Name constraints were accepted for certificates asserting a wildcard name

Permitted subtree name constraints for DNS names were accepted for certificates asserting a wildcard name. This was incorrect because, given a name constraint of accept.example.com, .example.com could feasibly allow a name of reject.example.com which is outside the constraint. This is very simila...

6.5CVSS6.7AI score0.00274EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:16 p.m.19 views

Mako: Path traversal via double-slash URI prefix in TemplateLookup

Summary TemplateLookup.gettemplate is vulnerable to path traversal when a URI starts with // e.g., //../../../secret.txt. The root cause is an inconsistency between two slash-stripping implementations: - Template.init strips one leading / using if/slice - TemplateLookup.gettemplate strips all...

8.7CVSS5.8AI score0.00361EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:16 p.m.9 views

webpki: Name constraints for URI names were incorrectly accepted

Name constraints for URI names were ignored and therefore accepted. Note this library does not provide an API for asserting URI names, and URI name constraints are otherwise not implemented. URI name constraints are now rejected unconditionally. Since name constraints are restrictions on otherwis...

5.8AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:14 p.m.10 views

Junrar: Path Traversal (Zip-Slip) via Sibling Directory Name Prefix

Summary A path traversal vulnerability in LocalFolderExtractor allows an attacker to write arbitrary files with attacker-controlled content into sibling directories when a crafted RAR archive is extracted. Example Given an extraction directory set to /tmp/extract, a crafted archive with an entry...

9.3CVSS5.9AI score0.00336EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:13 p.m.6 views

PsiTransfer: Upload PATCH path traversal can create `config.<NODE_ENV>.js` and lead to code execution on restart

Summary The upload PATCH flow under /files/:uploadId validates the mounted request path using the still-encoded req.path, but the downstream tus handler later writes using the decoded req.params.uploadId. In deployments that use a supported custom PSITRANSFERUPLOADDIR whose basename prefixes a...

7.5CVSS6.1AI score0.00307EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:10 p.m.9 views

Mojic: Observable Timing Discrepancy in HMAC Verification

Summary The CipherEngine in Mojic v2.1.3 uses a standard equality operator !== to verify the HMAC-SHA256 integrity seal during the decryption phase. This creates an Observable Timing Discrepancy CWE-208, allowing a potential attacker to bypass the file integrity check via a timing attack. Details...

4.7CVSS6AI score0.00108EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 9:9 p.m.6 views

@node-oauth/oauth2-server: PKCE code_verifier ABNF not enforced in token exchange allows brute-force redemption of intercepted authorization codes

Summary The token exchange path accepts RFC7636-invalid codeverifier values including one-character strings for S256 PKCE flows. Because short/weak verifiers are accepted and failed verifier attempts do not consume the authorization code, an attacker who intercepts an authorization code can...

5.9CVSS5.9AI score0.00259EPSS
Exploits1References3Affected Software1
Total number of security vulnerabilities33225