Lucene search
K
PtsecurityRecent

184382 matches found

Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.17 views

PT-2026-53545

Summary OAuthManager.validate token returns True for any token not found in its internal store, which is empty by default. Any HTTP request to the MCP server with an arbitrary Bearer token is treated as authenticated, granting full access to all registered tools and agent capabilities. Details...

9.1CVSS5.9AI score0.00375EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.17 views

PT-2026-53283

Name of the Vulnerable Software and Affected Versions Home Assistant versions prior to 2025.5.0 Description The iOS companion app fails to respect the SSID allowlist for internal networks. While the app typically uses the Service Set Identifier SSID—the public name of a wireless network—to...

7.5CVSS5.8AI score0.00161EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.15 views

PT-2026-53447

Path Traversal Vulnerability in InvokeAI A path traversal vulnerability in InvokeAI versions 6.7.0 allows an unauthenticated remote attacker to read files outside the intended media directory via the bulk downloads API. The endpoint accepts a user-controlled file/item name and concatenates it int...

9.8CVSS6AI score0.00353EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.17 views

PT-2026-53300

Name of the Vulnerable Software and Affected Versions Business Directory versions prior to 6.4.24 Description An unauthenticated broken access control issue exists, allowing unauthorized users to bypass access restrictions. Recommendations Update to a version newer than 6.4.23...

6.5CVSS5.9AI score0.00196EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.20 views

PT-2026-53410

ID: NFLX-2024-002 Impact Authenticated users can achieve limited RCE in ConsoleMe, restricted to flag inputs on a single CLI command. Due to this constraint, it is not currently known whether full RCE is possible but it is unlikely. However, a specific flag allows authenticated users to read any...

9.6CVSS5.8AI score0.00928EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.13 views

PT-2026-53281

A weakness has been identified in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /patientchangepassword.php. Executing a manipulation of the argument newpassword can lead to sql injection. The attack may be launched remotely. The...

6.5CVSS6.5AI score0.002EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.11 views

PT-2026-53510

Summary An authentication bypass vulnerability exists due to improper trust in client-controlled cookies. The application accepts user-supplied cookie values containing a username and password-hash-derived value as sufficient authentication material. These cookies can be set or modified prior to...

9.1CVSS6AI score
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.18 views

PT-2026-53251

Name of the Vulnerable Software and Affected Versions Edimax EW-7478APC version 1.04 Description An OS command injection flaw exists in the POST Request Handler component. A remote attacker can exploit this by manipulating the submit-url argument within the formAccept function of the...

6.5CVSS7AI score0.01158EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.6 views

PT-2026-53620

A command injection vulnerability in the execute command function of terminal-controller-mcp 0.1.7 allows attackers to execute arbitrary commands via a crafted input...

10CVSS6.1AI score0.01891EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.10 views

PT-2026-53353

Agno versions prior to 2.3.24 contain an arbitrary code execution vulnerability in the model execution component that allows attackers to execute arbitrary Python code by manipulating the field type parameter passed to eval. Attackers can influence the field type value in a FunctionCall to achiev...

9.8CVSS6.7AI score0.00852EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.14 views

PT-2026-53661

LibreTranslate through 1.9.7, fixed in commit 397fd22, contains an IP spoofing vulnerability in the get remote address function that allows unauthenticated attackers to spoof client IP addresses by injecting arbitrary values into the X-Forwarded-For header without trusted proxy validation...

6.9CVSS6AI score0.00192EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.9 views

PT-2026-53577

Impact The Keccak sponge function interface accepts partial inputs to be absorbed and partial outputs to be squeezed. A buffer can overflow when partial data with some specific sizes are queued, where at least one of them has a length of 2^32 - 200 bytes or more. Patches Yes, see commit fdc6fef0...

9.8CVSS7.4AI score0.05193EPSS
Exploits1References25
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.14 views

PT-2026-53272

Name of the Vulnerable Software and Affected Versions acl versions prior to 2.4.0 Description A symlink traversal issue exists in pathname-based functions. Local attackers can escalate privileges by replacing a pathname component with a symbolic link. If an attacker controls any part of a pathnam...

8.4CVSS5.9AI score0.00142EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.10 views

PT-2026-53533

pgAdmin prior to version 8.4 is affected by a path-traversal vulnerability while deserializing users’ sessions in the session handling code. If the server is running on Windows, an unauthenticated attacker can load and deserialize remote pickle objects and gain code execution. If the server is...

9.9CVSS6AI score0.79326EPSS
Exploits4References9
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.14 views

PT-2026-53511

OpenStack Murano before 1.0.3 liberty and 2.x before 2.0.1 mitaka, Murano-dashboard before 1.0.3 liberty and 2.x before 2.0.1 mitaka, and python-muranoclient before 0.7.3 liberty and 0.8.x before 0.8.5 mitaka improperly use loaders inherited from yaml.Loader when parsing MuranoPL and UI files,...

9.8CVSS6.2AI score0.03166EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.11 views

PT-2026-53401

calibre-web is vulnerable to Business Logic Errors...

9.8CVSS5.8AI score0.01375EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.10 views

PT-2026-53560

Summary praisonai browser start exposes the browser bridge on 0.0.0.0 by default, and its /ws endpoint accepts websocket clients that omit the Origin header entirely. An unauthenticated network client can connect as a fake controller, send start session, cause the server to forward start automati...

9.1CVSS6.1AI score0.00356EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.10 views

PT-2026-53307

A vulnerability was found in seladb PcapPlusPlus 25.05. The affected element is the function parse by block type of the file light pcapng.c of the component LightPcapNg Parser. Performing a manipulation of the argument captured packet length results in heap-based buffer overflow. It is possible t...

6.3CVSS5.7AI score0.00419EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.10 views

PT-2026-53399

Calibre-Web before 0.6.18 allows user table SQL Injection...

9.8CVSS5.8AI score0.01118EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.12 views

PT-2026-53729

Name of the Vulnerable Software and Affected Versions iOS versions prior to 26.5.2 iPadOS versions prior to 26.5.2 macOS Tahoe versions prior to 26.5.2 Description A race condition, which occurs when the timing or sequence of events is not properly controlled, was identified. This issue allows an...

4.7CVSS6AI score0.00096EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.8 views

PT-2026-53762

Summary Description An Improper Authorization CWE-285 issue in OpenAM's OAuth2 authorization-code grant allows a PKCE-protected authorization code to be redeemed without the required code verifier. This affects OpenAM Community Edition through version 16.0.6 and was patched in version 16.1.1. The...

7.1CVSS5.9AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.12 views

PT-2026-53568

Summary Path Traversal in pyLoad-ng CNL Blueprint via package parameter allows Arbitrary File Write leading to Remote Code Execution RCE The addcrypted endpoint in pyload-ng suffers from an unsafe path construction vulnerability, allowing unauthenticated attackers to write arbitrary files outside...

9.8CVSS6.6AI score0.01191EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.12 views

PT-2026-53630

The Vanna library uses a prompt function to present the user with visualized results, it is possible to alter the prompt using prompt injection and run arbitrary Python code instead of the intended visualization code. Specifically - allowing external input to the library’s “ask” method with...

8.1CVSS6.2AI score0.14956EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.12 views

PT-2026-53298

Unauthenticated Cross Site Scripting XSS in Landing Page Builder = 1.5.3.5 versions...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.16 views

PT-2026-53328

When using the "tarfile" module with a file opened in "streaming mode" mode="r|" the tarfile module did not properly handle EOF, making archive parsing take exponentially longer...

8.2CVSS5.8AI score0.00433EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.19 views

PT-2026-53538

A privilege escalation issue in plone.app.contenttypes in Plone 4.3 through 5.2.1 allows users to PUT overwrite some content without needing write permission...

9.8CVSS5.8AI score0.02258EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.18 views

PT-2026-53676

Mixpost through 2.6.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in authenticated users' browsers by crafting malicious OAuth callback URLs with unsanitized error query parameters. Attackers can exploit the OAuth...

6.1CVSS5.9AI score0.00168EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.16 views

PT-2026-53480

An issue was discovered in llama index before 0.10.38. download/integration.py includes an exec call for import cls name...

9.8CVSS5.8AI score0.00528EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.16 views

PT-2026-53582

Impact A maliciously crafted QPY file can potentially execute arbitrary-code embedded in the payload without privilege escalation when deserializing QPY formats 13. A python process calling Qiskit's qiskit.qpy.load function could potentially execute any arbitrary Python code embedded in the corre...

9.8CVSS6AI score0.00741EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.17 views

PT-2026-53587

Anyscale Ray allows a remote attacker to execute arbitrary code via the job submission API. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment...

9.8CVSS6.4AI score0.81512EPSS
Exploits6References18
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.10 views

PT-2026-53472

BerriAI/litellm is vulnerable to Server-Side Template Injection SSTI via the /completions endpoint. The vulnerability arises from the hf chat template method processing the chat template parameter from the tokenizer config.json file through the Jinja template engine without proper sanitization...

9.8CVSS6.2AI score0.01256EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.45 views

PT-2026-53645

A heap-based buffer overflow exists in the qr reader match centers function of ZBar 0.23.90. Specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. To trigger this vulnerability, an attacker can digitally input the malicious QR code, or prepare it to be...

9.8CVSS6.3AI score0.01542EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.14 views

PT-2026-53666

Name of the Vulnerable Software and Affected Versions Pinpoint versions prior to 3.1.1 Description Insecure session management occurs because the pinpointJwt session cookie lacks HttpOnly and Secure attributes. This allows the cookie to be accessed via JavaScript through document.cookie and...

7.6CVSS5.8AI score0.00126EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.9 views

PT-2026-53321

Name of the Vulnerable Software and Affected Versions Snowflake CLI versions prior to 3.19 Description Improper handling of untrusted remote references allows server-side request forgery SSRF, a condition where a server is coerced into making requests to an unintended destination. The SQL stateme...

9.6CVSS6.1AI score0.00118EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.6 views

PT-2026-53517

LDAP Empty Password Authentication Bypass Affected Component LDAP authentication endpoint: - backend/open webui/routers/auths.py lines 468-477, user bind with empty password - backend/open webui/models/auths.py lines 58-60, LdapForm model Affected Versions Current main branch commit 6fdd19bf1 and...

9.1CVSS6AI score0.01461EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.8 views

PT-2026-53287

Unauthenticated Cross Site Scripting XSS in Business Directory = 6.4.22 versions...

6.1CVSS5.8AI score0.00181EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.10 views

PT-2026-53514

An issue was discovered in exception wrapper.py in OpenStack Nova 13.x through 13.1.3, 14.x through 14.0.4, and 15.x through 15.0.1. Legacy notification exception contexts appearing in ERROR level logs may include sensitive information such as account passwords and authorization tokens...

9.8CVSS5.8AI score0.02283EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.9 views

PT-2026-53520

OpenViking prior to commit c7bb167 contains an authentication bypass vulnerability in the VikingBot OpenAPI HTTP route surface where the authentication check fails open when the api key configuration value is unset or empty. Remote attackers with network access to the exposed service can invoke...

9.1CVSS5.8AI score0.00571EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.12 views

PT-2026-53369

Improper Input Validation vulnerability in the Apache Airflow Hive Provider. This issue affects Apache Airflow Hive Provider versions before 5.1.3...

9.8CVSS5.8AI score0.01982EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.11 views

PT-2026-53606

SGLang's encoder parallel disaggregation system is vulnerable to unauthenticated remote code execution through the disaggregation module, which deserializes untrusted data using pickle.loads without authentication...

9.8CVSS6.4AI score0.01158EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.11 views

PT-2026-53194

Name of the Vulnerable Software and Affected Versions CherryHQ cherry-studio versions prior to 1.9.7 Description Improper authorization exists in the MCP OAuth Local Callback Server component within the src/main/services/mcp/oauth/callback.ts file. A remote attacker can manipulate the code argume...

6.3CVSS6.2AI score0.00264EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.14 views

PT-2026-53301

Unauthenticated Broken Access Control in Japanized For WooCommerce = 2.9.12 versions...

6.5CVSS5.8AI score0.00196EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.18 views

PT-2026-53288

Subscriber Broken Access Control in MainWP = 6.1.1 versions...

6.3CVSS5.8AI score0.00249EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.17 views

PT-2026-53674

SigNoz through 0.130.1 contains a broken access control vulnerability that allows authenticated users to access other organizations' alert rules by supplying a target rule UUID, as the alert rule store predicates fail to filter by organization ID. Attackers can read, edit, and delete alert rules...

6.4CVSS5.8AI score0.00177EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.9 views

PT-2026-53526

The vulnerability arises from the way the url parameter is incorporated into the command string without proper validation or sanitization. If the url is constructed from untrusted sources, an attacker could potentially inject malicious commands...

9.3CVSS5.8AI score0.00456EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.11 views

PT-2026-53203

A security vulnerability has been detected in agentejo Cockpit CMS up to 0.12.2. Affected by this issue is the function Spyc::YAMLLoad of the file /config/config.yaml of the component htaccess Handler. Such manipulation leads to files or directories accessible. It is possible to launch the attack...

6.9CVSS5.6AI score0.00286EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.13 views

PT-2026-53303

Name of the Vulnerable Software and Affected Versions Devolutions PowerShell Universal version 2026.2.0 Description An information disclosure issue exists in the AI Agent job API. An authenticated user with AI Agent read access can obtain reusable, potentially higher-privileged authentication...

6.5CVSS5.8AI score0.00255EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.10 views

PT-2026-53172

A vulnerability was detected in Tenda JD12L 16.03.53.23. The affected element is the function fromSetWifiGusetBasic of the file /goform/WifiGuestSet. Performing a manipulation of the argument shareSpeed results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is n...

9CVSS8AI score0.00466EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.12 views

PT-2026-53513

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-local source address...

9.1CVSS5.8AI score0.04248EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.12 views

PT-2026-53669

Name of the Vulnerable Software and Affected Versions Mythic versions prior to 3.4.0.60 Description A broken Hasura permission filter exists on the payload build step table. This issue involves an always-satisfied or condition that bypasses operation-scoped access controls. Consequently,...

7.1CVSS6AI score0.00246EPSS
Exploits0References9
Total number of security vulnerabilities184382