Denial Of Service

React Server Components is vulnerable to Denial of Service. The vulnerability is due to specially crafted HTTP requests to Server Function endpoints, where the payload of the HTTP request causes excessive CPU usage for up to a minute ending in a thrown error that is catchable...

Header Injection

Axios is vulnerable to Header Injection. The vulnerability is due to the presence of a gadget chain that allows existing Prototype Pollution in dependent code to be escalated, enabling attackers to achieve remote code execution or access sensitive resources such as AWS IMDSv2 metadata...

Prototype Pollution

LangSmith is vulnerable to Prototype Pollution. The vulnerability is due to an incomplete prototype pollution fix in its internally vendored lodash set utility, where the baseAssignValue function only guards against the proto key, but fails to prevent traversal via constructor.prototype, and...

Command Injection

PraisonAIAgents is vulnerable to Command Injection. The vulnerability is due to passing user-controlled command strings directly to subprocess.run with shell=True without sanitization, which allows an attacker to execute arbitrary system commands through crafted inputs or malicious hook...

Directory Traversal

PraisonAI is vulnerable to Directory Traversal. The vulnerability is due to unsafe extraction of archive files without validating member paths, which allows an attacker to overwrite arbitrary files outside the intended directory...

Remote Code Execution (RCE)

stata-mcp is vulnerable to Remote Code Execution RCE. The vulnerability is due to insufficient validation of user-supplied Stata do-file content, which allows an attacker to inject and execute arbitrary commands...

MLflow Is Vulnerable To Stored Cross-Site Scripting (XSS) Caused By Unsafe Parsing Of YAML-based MLmodel Artifacts In It

MLflow is vulnerable to Stored Cross-Site Scripting XSS caused by unsafe parsing of YAML-based MLmodel artifacts in its web interface. An authenticated attacker can upload a malicious MLmodel file containing a payload that executes when another user views the artifact in the UI. This allows actio...

Eval Injection

Agno is vulnerable to Eval Injection. The vulnerability is due to unsafe use of eval on the fieldtype parameter without proper validation, which allows an attacker to execute arbitrary Python code by manipulating input...

Missing Authentication For Critical Function

marimo is vulnerable to Missing Authentication For Critical Function. The vulnerability is due to missing authentication validation in the /terminal/ws WebSocket endpoint, which allows an attacker to establish a shell and execute arbitrary system commands without authentication...

MLflow Is Vulnerable To An Authorization Bypass Affecting The AJAX Endpoint

MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint used to download saved model artifacts. Due to missing access‑control validation, a user without permissions to a given experiment can directly query this endpoint and retrieve model artifacts they are not authorized to...

Authentication Bypass

GenieACS is vulnerable to Authentication Bypass. The vulnerability is due to missing authentication checks in the NBI API endpoint, which allows an attacker to access the API without proper authorization...

Authentication Bypass

ajenti.plugin.core is vulnerable to Authentication Bypass. The vulnerability is due to improper enforcement of password authentication when 2FA is enabled, which allows an attacker to bypass login controls and gain unauthorized access...

Ajenti.plugin.core Has Race Conditions In 2FA

Impact If the 2FA was activated, it was possible during a short moment after the authentication of an user to bypass its authentication. Patches This is fixed in the version 0.112. Users should upgrade to this version as soon as possible...

Server-Side Request Forgery (SSRF)

pyLoad is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to missing validation of redirect targets during URL fetching, which allows an attacker to supply a crafted URL that redirects to internal resources and bypass SSRF protections...

Arbitrary Code Execution

Lupa is vulnerable to Arbitrary Code Execution. The vulnerability is due to inconsistent enforcement of attributefilter when attributes are accessed via built-in functions like getattr and setattr, allowing attackers to bypass restrictions and potentially achieve arbitrary code execution...

Pypdf: Manipulated XMP Metadata Entity Declarations Can Exhaust RAM

Impact An attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the XMP metadata. Patches This has been fixed in "pypdf==6.10.0" https://github.com/py-pdf/pypdf/releases/tag/6.10.0. Workarounds If you cannot upgrade yet, consider applying th...

Improper Output Handling

Apache Log4j is vulnerable to Improper Output Handling. The vulnerability is due to JsonTemplateLayout generating invalid JSON when processing non-finite floating-point values e.g., NaN, Infinity, which are not compliant with RFC 8259, allowing attacker-controlled data in log events to produce...

Denial Of Service (DoS)

Apache Cassandra is vulnerable to Denial Of Service DoS. The vulnerability is due to inefficient handling of repeated password change operations, which allows an attacker to trigger increased query latency and degrade system performance...

Sensitive Information Disclosure

Apache Cassandra is vulnerable to Sensitive Information Disclosure. The vulnerability is due to storing sensitive data such as passwords in plaintext within the cqlsh history file, which allows an attacker with local access to read and retrieve sensitive information...

DNS Rebinding

MCP Java SDK is vulnerable to DNS Rebinding. The vulnerability is due to lack of Origin Validation, allowing a malicious website to bypass same-origin restrictions and access a local or network-private MCP server via the victim’s browser, enabling unauthorized tool invocation...

Improper Output Handling

Apache Log4j Core is vulnerable to Improper Output Handling. The vulnerability is due to XmlLayout failing to sanitize characters forbidden by the XML 1.0 specification, allowing log messages or MDC values to produce malformed XML or trigger exceptions during logging, which can lead to dropped or...

Improper Authentication

github.com/zitadel/zitadel is vulnerable to improper authentication. The vulnerability is due to MFA being enforced only when explicitly required by policy, which allows an attacker to bypass additional authentication factors and exploit weaker single-factor sessions, potentially compromising...

Host Header Injection

github.com/zitadel/zitadel is vulnerable to Host Header Injection. The vulnerability is due to improper validation of the Forwarded or X-Forwarded-Host headers when generating password reset links, which allows an attacker to manipulate the link to a malicious domain and capture the reset code,...

Missing Authorization

Django is vulnerable to Missing Authorization. The vulnerability is due to missing validation of add permissions for inline model instances in GenericInlineModelAdmin, which allows an attacker to submit forged POST data and create unauthorized objects...

Regular Expression Denial Of Service (ReDoS)

minimatch is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to inefficient handling of multiple consecutive wildcards in glob patterns, leading to exponential backtracking in regex evaluation, which allows an attacker to cause significant performance degradatio...

Regular Expression Denial Of Service (ReDoS)

minimatch is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to nested extglob patterns generating regex with unbounded quantifiers, which allows an attacker to trigger catastrophic backtracking via crafted patterns and inputs, leading to significant performance...

Improper Input Validation

OAuth2-Proxy is vulnerable to improper input validation. The vulnerability is due to inconsistent normalization of underscores and dashes in X-Forwarded- headers, which allows an attacker to inject crafted header variants to bypass proxy filtering and potentially escalate privileges in upstream...

Regular Expression Denial Of Service (ReDoS)

minimatch is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to unbounded recursive processing in matchOne when handling multiple non-adjacent GLOBSTAR patterns, which allows an attacker to supply crafted glob inputs that significantly delay execution and block...

Type Confusion

Handlebars is vulnerable to Type Confusion. The vulnerability is due to unsanitized handling of pre-parsed AST input in Handlebars.compile, which allows an attacker to inject malicious JavaScript via crafted AST nodes and execute arbitrary code...

Content-Type Override

Parse Server is vulnerable to Content-Type Override. The vulnerability is due to missing consistency validation between the file extension and the provided Content-Type header, where the Content-Type is passed unchanged to storage adapters that serve files based on this header, allowing an attack...

Path Traversal

OpenCart is vulnerable to Path Traversal. The vulnerability is due to insufficient validation of file paths in the installer.php component of the Extension Installer Page, where crafted input can traverse directories and an attacker can exploit it remotely...

Server-Side Request Forgery (SSRF)

github.com/charmbracelet/soft-serve is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to lack of validation in webhook URLs, which allows an attacker to create malicious webhooks that target internal services, private networks, and cloud metadata endpoints...

Improper Privilege Management

kubevirt.io/kubevirt is vulnerable to improper privilege management. The vulnerability is due to excessive permissions granted to the virt-handler service account, which allows an attacker to abuse update and patch capabilities to force VMI migration or schedule privileged pods onto a compromised...

Improper Certificate Validation

kubevirt.io/kubevirt is vulnerable to improper certificate validation. The vulnerability is due to flawed peer verification logic in virt-handler, which allows an attacker to exploit shared credentials from a compromised instance to impersonate virt-api and execute privileged operations on other...

Improper Link Resolution

kubevirt.io/kubevirt is vulnerable to improper link resolution. The vulnerability is due to lack of verification of whether the launcher-sock is a symlink or regular file, which allows an attacker with control over the virt-launcher pod file system to manipulate file ownership on the host and...

Uncontrolled Resource Consumption

github.com/containerd/containerd is vulnerable to uncontrolled resource consumption. The vulnerability is due to goroutine leaks in the attach mechanism, which allows an attacker to exhaust host memory by repeatedly initiating attach requests...

Logic Flaw

KubeVirt is vulnerable to a logic flaw. The vulnerability is due to improper validation in the virt-controller, which allows an attacker to create a malicious pod with matching labels to mislead the controller and disrupt VMI management, leading to denial-of-service...

Improper Symlink Handling

kubevirt.io/kubevirt is vulnerable to improper symlink handling. The vulnerability is due to improper validation of symbolic links in PVC disk mounting along with incorrect file ownership changes, which allows an attacker with control over PVC contents to create malicious symlinks and read...

XML Entity Expansion

fast-xml-parser is vulnerable to XML Entity Expansion. The vulnerability is due to missing enforcement of entity expansion limits for numeric and standard XML entities, which allows an attacker to supply crafted XML with excessive entity references to trigger high memory and CPU consumption leadi...

Improper Authentication Validation

github.com/mattermost/mattermost-server is vulnerable to improper authentication validation. The vulnerability is due to failure to verify that the token used during the code exchange originates from the same authentication flow, which allows an authenticated attacker to perform account takeover ...

Information Disclosure

openexr is vulnerable to an information disclosure. The vulnerability is due to improper handling of heap memory during image decoding, which allows an attacker to craft a malicious EXR file that leaks sensitive memory data when processed...

Memory Exhaustion

aiohttp is vulnerable to Memory Exhaustion. The vulnerability is due to insufficient restrictions in header/trailer handling, where unlimited trailer headers are accepted and an attacker can send a request or response with many trailers to cause uncapped memory usage...

Claude SDK For Python: Memory Tool Path Validation Race Condition Allows Sandbox Escape

The async local filesystem memory tool in the Anthropic Python SDK validated that model-supplied paths resolved inside the sandboxed memory directory, but then returned the unresolved path for subsequent file operations. A local attacker able to write to the memory directory could retarget a...

Insecure File Permissions

Claude SDK for Python is vulnerable to insecure file permissions. The vulnerability is due to the memory tool creating files with mode 0o666, where the files are world‑readable on systems with a standard umask and world‑writable in environments with a permissive umask, and a local attacker on a...

Multipart Header Bypass

aiohttp is vulnerable to a Multipart Header Bypass. The vulnerability is due to insufficient size checks on multipart headers, where multipart headers are not subject to the same size restrictions as normal headers and an attacker can craft a response with an excessive number of multipart headers...

Out-of-bounds Write

OpenEXR is vulnerable to Out-of-bounds Write. The vulnerability is due to improper bounds checking when decoding crafted B44 or B44A EXR files, which allows an attacker to trigger memory corruption or crash the application...

Header Injection

aiohttp is vulnerable to Header Injection. The vulnerability is due to the C parser llhttp accepting null bytes and control characters in response header values, where crafted header values containing these characters can be interpreted differently by the application or downstream proxies,...

FastMCP OpenAPI Provider Has An SSRF & Path Traversal Vulnerability

Technical Description The "OpenAPIProvider" in FastMCP exposes internal APIs to MCP clients by parsing OpenAPI specifications. The "RequestDirector" class is responsible for constructing HTTP requests to the backend service. A critical vulnerability exists in the "buildurl" method. When an OpenAP...

SQL Injection

alerta-server is vulnerable to SQL Injection. The vulnerability is due to direct interpolation of user-supplied query parameters into SQL statements without sanitization, which allows an attacker to inject and execute arbitrary SQL queries...

AIOHTTP Leaks Cookie And Proxy-Authorization Headers On Cross-origin Redirect

Summary When following redirects to a different origin, aiohttp drops the Authorization header, but retains the Cookie and Proxy-Authorization headers. Impact The Cookie and Proxy-Authorizations headers could contain sensitive information which may be leaked to an unintended party after following...