9.8
CVE-2026-0769 - Langflow eval_custom_component_code Eval Injection Remote Code Execution Vulnerability
Langflow eval_custom_component_code Eval Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the impl…
9.8
CVE-2026-0768 - Langflow code Code Injection Remote Code Execution Vulnerability
Langflow code Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the code param…
6.5
CVE-2026-0767 - Open WebUI Cleartext Transmission of Credentials Information Disclosure Vulnerability
Open WebUI Cleartext Transmission of Credentials Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Open WebUI. Authentication is not required to exploit this vulnerability. The specific flaw exi…
8.8
CVE-2026-0766 - Open WebUI load_tool_module_by_id Command Injection Remote Code Execution Vulnerability
Open WebUI load_tool_module_by_id Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open WebUI. Authentication is required to exploit this vulnerability. The specific flaw exists within the load_…
8.8
CVE-2026-0765 - Open WebUI PIP install_frontmatter_requirements Command Injection Remote Code Execution Vulnerabili…
Open WebUI PIP install_frontmatter_requirements Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open WebUI. Authentication is required to exploit this vulnerability. The specific flaw exists wi…
9.8
CVE-2026-0764 - GPT Academic upload Deserialization of Untrusted Data Remote Code Execution Vulnerability
GPT Academic upload Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GPT Academic. Authentication is not required to exploit this vulnerability. The specific flaw exists within t…
9.8
CVE-2026-0763 - GPT Academic run_in_subprocess_wrapper_func Deserialization of Untrusted Data Remote Code Execution…
GPT Academic run_in_subprocess_wrapper_func Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GPT Academic. Authentication is not required to exploit this vulnerability. The speci…
8.1
CVE-2026-0762 - GPT Academic stream_daas Deserialization of Untrusted Data Remote Code Execution Vulnerability
GPT Academic stream_daas Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GPT Academic. Interaction with a malicious DAAS server is required to exploit this vulnerability but atta…
9.8
CVE-2026-0761 - Foundation Agents MetaGPT actionoutput_str_to_mapping Code Injection Remote Code Execution Vulnerab…
Foundation Agents MetaGPT actionoutput_str_to_mapping Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this vulnerability. The s…
9.8
CVE-2026-0760 - Foundation Agents MetaGPT deserialize_message Deserialization of Untrusted Data Remote Code Executi…
Foundation Agents MetaGPT deserialize_message Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this vulnerabil…