184927 matches found
PT-2026-50778
Name of the Vulnerable Software and Affected Versions Mojolicious::Sessions::Storable versions prior to 0.06 Description The software generates session IDs insecurely. The default session ID generator utilizes a SHA-1 hash seeded with the built-in rand function, the epoch time, the heap address o...
PT-2026-50720
Name of the Vulnerable Software and Affected Versions Kirby versions prior to 4.9.4 Kirby versions prior to 5.4.4 Description Authenticated users can confirm the existence of arbitrary pages and retrieve their title field values. This occurs when sites use the pages field and user roles have the...
PT-2026-50782
Name of the Vulnerable Software and Affected Versions pam usb versions prior to 0.9.2 Description pam usb provides hardware authentication for Linux using removable media. The software calls the xmlReadFile function with flags=0 when loading the configuration file, which allows libxml2 to process...
PT-2026-50708
Name of the Vulnerable Software and Affected Versions HAProxy versions prior to 3.4.0 Description A null pointer dereference occurs in the hpack dht insert function within src/hpack-tbl.c because the return value of hpack dht defrag is not validated when the memory pool is exhausted. An attacker...
PT-2026-50795
Name of the Vulnerable Software and Affected Versions mcp-pinot versions prior to 3.1.0 Description mcp-pinot is a Python-based Model Context Protocol MCP server for interacting with Apache Pinot. The software defaults to running an HTTP MCP server bound to 0.0.0.0:8080 without authentication. Th...
PT-2026-50799
Name of the Vulnerable Software and Affected Versions Cost Management Interactive Experiences affected versions not specified Description Exposure of sensitive information in Cost Management Interactive Experiences allows an unauthorized attacker to disclose information over a network...
PT-2026-50634
The Offload, AI & Optimize with Cloudflare Images plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.10.2 via the 'account-id' parameter parameter. This is due to insufficient privilege enforcement on the cf images do setup AJAX handler, which...
PT-2026-53178
Impact When a JWE uses a password-based key-encryption algorithm PBES2-HS256+A128KW, PBES2-HS384+A192KW, PBES2-HS512+A256KW, PBES2AESKW::unwrapKey reads the p2c PBKDF2 iteration count parameter directly from the attacker-controlled JOSE header and passes it to hash pbkdf2 with no upper bound. The...
PT-2026-50772
Name of the Vulnerable Software and Affected Versions JTL Shop versions 5.2.0 through 5.7.1 Description Unauthenticated attackers can inject malicious template syntax because unsanitized user-supplied input is passed to the Smarty template engine, a tool used to generate dynamic web content. This...
PT-2026-50682
I got six CVEs in a major npm package including 4 RCEs. CVE-2026-54662, CVE-2026-54661, CVE-2026-54666, CVE-2026-54664, CVE-2026-54660, CVE-2026-54663 Full writeup with every sink and payload here: https://t.co/Pgwn5lgb9y infosec cybersecurity rce...
PT-2026-53148
Jobs webhook SSRF protection bypass via DNS rebinding Summary PraisonAI's Async Jobs API validates webhook url when a job request is parsed and again when the internal Job object is constructed. That validation blocks direct loopback/private targets, but it is not bound to the later network...
PT-2026-53183
Summary A low-privileged authenticated AgenticMail agent can enumerate another agent's pending/claimed tasks by supplying the target agent name to GET /api/agenticmail/tasks/pending?assignee=. The returned task objects include the task IDs and payloads. The same task IDs can then be used with the...
PT-2026-53155
Root has patched GHSA-fw8g-cg8f-9j28 in the rootio-github.com/prometheus/prometheus package for Root:Go. Multiple fixed versions available...
PT-2026-53129
DiscordApproval accepts unrelated channel messages as dangerous-tool approvals Summary praisonai.bots.DiscordApproval approves a pending dangerous tool call when it sees any later non-bot message in the configured Discord channel whose text is classified as approval, such as yes. The decision is...
PT-2026-53127
SpiderTools redirect-target SSRF protection bypass Summary SpiderTools.scrape page validates the initial URL and rejects direct loopback, private, link-local, metadata, and internal hostnames. It then calls requests.Session.get without disabling automatic redirects or validating redirect Location...
PT-2026-51423
Уязвимость программного обеспечения выявления уязвимостей и ошибок PT Application Inspector связана с отсутствием авторизации. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, повысить свои привилегии...
PT-2026-53131
Summary The published npm package praisonai ships a TypeScript AgentOS HTTP server that defaults to host: "0.0.0.0" and registers sensitive agent routes without any authentication or authorization middleware. When a developer starts AgentOS, a network attacker who can reach the service can: - rea...
PT-2026-53160
This update for rootlesskit rebuilds it against the current go security release...
PT-2026-53116
PraisonAI Dynamic Context history and terminal tools read files outside configured storage via path traversal Summary PraisonAI's Dynamic Context module provides filesystem-backed history and terminal-log storage. The SDK reference describes the module as providing: - artifact storage for tool...
PT-2026-53126
HTTPApproval dashboard renders tool arguments as raw HTML, allowing approval-page XSS to approve dangerous tools Summary praisonai.bots.HTTPApproval renders pending tool approval arguments directly into the approval dashboard HTML. An attacker-controlled tool argument can inject JavaScript into...
PT-2026-53186
Summary This advisory covers three distinct SQL Injection vulnerabilities within Budibase's database connectors PostgreSQL, Microsoft SQL Server, and MySQL. Because user-controlled schema and table configurations are interpolated directly into raw SQL queries without proper escaping or...
PT-2026-53188
Summary The Docker API server applied its SSRF destination check validate url destination on the non-streaming /crawl path but not on the streaming path. handle stream crawl request passed seed URLs straight to the crawler with no destination validation. A remote, unauthenticated client could cal...
PT-2026-53138
Summary The published npm package praisonai exports a TypeScript SandboxExecutor with a network-isolated mode. The CLI lists that mode as: text network-isolated No network access proxy blocked The implementation does not create a network namespace, firewall rule, socket filter, or proxy-enforced...
PT-2026-53137
PraisonAI Code agent tools fail open without a workspace boundary Summary PraisonAI Code's agent-compatible CODE TOOLS wrappers keep a global workspace root initialized to None. If an application uses CODE TOOLS, code read file, code search replace, or code apply diff before calling set workspace...
PT-2026-50862
These are all security issues fixed in the tinyproxy-1.11.3-3.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-53182
@acastellon/auth v2.2.0 appears to allow an unauthenticated authentication bypass in validateToken through spoofable auth-user and Host request headers. The validateToken middleware contains a service-to-service bypass for auth-user: service-brother when req.get'host'.startsWithgetHostName. Both...
PT-2026-50856
These are all security issues fixed in the containerized-data-importer-1.65-api-1.65.0-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-50858
These are all security issues fixed in the inspektor-gadget-0.53.2-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-53141
On case-insensitive filesystems macOS, Windows, PathFilter compiled its deny-list patterns case-sensitively and matched the path verbatim, so names like .Git/config, .GIT/config, or .oBsIdIaN/secrets.md slipped past the .git/.obsidian/node modules restriction while the OS opened the real file. On...
PT-2026-53153
PraisonAI AgentTeam.launch exposes unauthenticated remote agent invocation endpoints Summary PraisonAI's documented Python AgentTeam.launch / Agents.launch HTTP server starts externally reachable agent invocation endpoints without any authentication enforcement. The current implementation registe...
PT-2026-53161
This update for rootlesskit rebuilds it against the current go security release...
PT-2026-53149
PraisonAI recipe.run stream skips dangerous-tool policy enforcement Summary PraisonAI recipe execution blocks default-denied dangerous tools unless the caller explicitly passes allow dangerous tools=True. The normal recipe.run path enforces this with check tool policy. The streaming path,...
PT-2026-53147
Summary A workspace member can permanently delete any resource — projects, agents, issues, labels, issue dependencies, and issue-label attachments — created by the workspace owner or other members. All six content DELETE endpoints enforce workspace membership but perform no ownership or role chec...
PT-2026-50859
These are all security issues fixed in the kubevirt-1.8-container-disk-1.8.3-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-50860
These are all security issues fixed in the python311-starlette-1.3.1-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-53181
Summary The digits parameter parsed from a provisioning URI is validated only with a lower bound $value 0 and has no upper bound src/OTP.php:353-357. OTP generation computes $code % 10 $this-getDigits src/OTP.php:283. When digits is large enough that 10 digits overflows PHP's integer range and th...
PT-2026-50792
Name of the Vulnerable Software and Affected Versions guzzlehttp/psr7 versions prior to 2.12.1 Description guzzlehttp/psr7 fails to reject Carriage Return CR and Line Feed LF characters in specific HTTP start-line fields, including the request method, protocol version, and response reason phrase...
PT-2026-50580
Name of the Vulnerable Software and Affected Versions PTC Windchill PDMlink versions prior to 11.0 M030 PTC FlexPLM versions prior to 11.0 M030 CPS affected versions not specified Description A critical remote code execution RCE flaw exists due to the deserialization of untrusted data and imprope...
PT-2026-50786
Name of the Vulnerable Software and Affected Versions libssh2 versions prior to 1.11.1 commit 2dae302 Description An out-of-bounds heap read exists in the sftp symlink function within src/sftp.c. A malicious SSH server or man-in-the-middle attacker can disclose heap memory contents or cause a cra...
PT-2026-53124
Summary The published npm package praisonai ships dist/tools/utility-tools.js, which exports a shellcommand helper described in source as: text Execute shell command safe version - read-only commands The helper attempts to enforce a safe read-only command allowlist by checking only the first...
PT-2026-50683
I got six CVEs in a major npm package including 4 RCEs. CVE-2026-54662, CVE-2026-54661, CVE-2026-54666, CVE-2026-54664, CVE-2026-54660, CVE-2026-54663 Full writeup with every sink and payload here: https://t.co/Pgwn5lgb9y infosec cybersecurity rce...
PT-2026-50628
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to generic SQL Injection via the 'name' parameter in all versions up to, and including, 1.15.43 due to insufficient escaping on the user supplied parameter and lack of sufficient...
PT-2026-50728
Impact When using .pgpass, database connection information including the username and password will be logged at the debug level. Patches Upgrade to version 2.7.1 or greater. Workarounds Filter out debug-level logs. References This issue was discovered by BugCrowd user DRAKOKORIAN...
PT-2026-54544
Уязвимость платформы для управления и защиты идентификационных данных Azure Active Directory связана с недостатками процедуры аутентификации. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, повысить свои привилегии...
PT-2026-50678
I got six CVEs in a major npm package including 4 RCEs. CVE-2026-54662, CVE-2026-54661, CVE-2026-54666, CVE-2026-54664, CVE-2026-54660, CVE-2026-54663 Full writeup with every sink and payload here: https://t.co/Pgwn5lgb9y infosec cybersecurity rce...
PT-2026-50681
I got six CVEs in a major npm package including 4 RCEs. CVE-2026-54662, CVE-2026-54661, CVE-2026-54666, CVE-2026-54664, CVE-2026-54660, CVE-2026-54663 Full writeup with every sink and payload here: https://t.co/Pgwn5lgb9y infosec cybersecurity rce...
PT-2026-50621
The PressPrimer Quiz – AI Quiz Maker, Exam Builder & LMS Assessment Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.3.0 via the 'rule id' parameter due to missing validation on a user controlled key. This makes it possible for...
PT-2026-50854
These are all security issues fixed in the MozillaFirefox-152.0-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-50807
Name of the Vulnerable Software and Affected Versions PraisonAI versions prior to 1.5.128 Description A cross-origin agent execution issue exists in the 'POST /agui' endpoint, allowing remote attackers to trigger arbitrary agent execution. The endpoint lacks authentication and utilizes hardcoded...
PT-2026-50793
Name of the Vulnerable Software and Affected Versions Guzzle versions prior to 7.12.1 Description CookieJar incorrectly accepts cookies with a dot-only Domain attribute such as Domain=., Domain=.., Domain=... and whitespace-padded variants. The SetCookie::matchesDomain function removes leading...