9.8
CVE-2026-34934 - PraisonAI: Second-Order SQL Injection in `get_all_user_threads`
PraisonAI is a multi-agent teams system. Prior to version 4.5.90, the get_all_user_threads function constructs raw SQL queries using f-strings with unescaped thread IDs fetched from the database. An attacker stores a malicious thread ID via update_thread. When the application loads the thread list,β¦
9.8
CVE-2026-34935 - PraisonAI: OS Command Injection in MCPHandler.parse_mcp_command()
PraisonAI is a multi-agent teams system. From version 4.5.15 to before version 4.5.69, the --mcp CLI argument is passed directly to shlex.split() and forwarded through the call chain to anyio.open_process() with no validation, allowlist check, or sanitization at any hop, allowing arbitrary OS commaβ¦
5.9
CVE-2017-20233 - Hirschmann HiLCOS Layer-2 Firewall Multicast Broadcast Traffic Bypass
Hirschmann HiLCOS products OpenBAT, BAT450, WLC, BAT867 contains a firewall filtering vulnerability that fails to correctly filter IPv4 multicast and broadcast traffic when management IP address filtering is disabled, allowing configured filter rules to be bypassed. Attackers with network access caβ¦
9.3
CVE-2018-25236 - Hirschmann HiOS HiSecOS Authentication Bypass via HTTP Management
Hirschmann HiOS and HiSecOS products RSP, RSPE, RSPS, RSPL, MSP, EES, EESX, GRS, OS, RED, EAGLE contain an authentication bypass vulnerability in the HTTP(S) management module that allows unauthenticated remote attackers to gain administrative access by crafting specially formed HTTP requests. Attaβ¦
5.5
CVE-2026-34933 - Avahi: Reachable assertion in `transport_flags_from_domain()` via conflicting publish flags crashesβ¦
Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a single D-Bus method call with conflicting publish flags. This issue has been patched in version 0.9-β¦
7.5
CVE-2026-34824 - Mesop: Unbounded Thread Creation in WebSocket Handler Leads to Denial of Service
Mesop is a Python-based UI framework that allows users to build web applications. From version 1.2.3 to before version 1.2.5, an uncontrolled resource consumption vulnerability exists in the WebSocket implementation of the Mesop framework. An unauthenticated attacker can send a rapid succession of β¦
10
CVE-2026-34612 - Kestra: Remote Code Execution via SQL Injection
Kestra is an open-source, event-driven orchestration platform. Prior to version 1.3.7, Kestra (default docker-compose deployment) contains a SQL Injection vulnerability that leads to Remote Code Execution (RCE) in the following endpoint "GET /api/v1/main/flows/search". Once a user is authenticated,β¦
9.3
CVE-2021-4477 - Hirschmann HiLCOS OpenBAT BAT450 IPv6 IPsec Firewall Bypass
Hirschmann HiLCOS OpenBAT and BAT450 products contain a firewall bypass vulnerability in IPv6 IPsec deployments that allows traffic from VPN connections to bypass configured firewall rules. Attackers can exploit this vulnerability by establishing IPv6 IPsec connections (IKEv1 or IKEv2) while simultβ¦
6.5
CVE-2026-34788 - Emlog: SQL Injection in tag_model::updateTagName() via unsanitized parameters
Emlog is an open source website building system. In versions 2.6.2 and prior, a SQL injection vulnerability exists in include/model/tag_model.php at line 168. The updateTagName() function directly interpolates user input into the SQL query string without using parameterized queries or proper escapiβ¦
6.5
CVE-2026-34787 - Emlog: Local File Inclusion in plugin.php via unsanitized plugin parameter
Emlog is an open source website building system. In versions 2.6.2 and prior, a Local File Inclusion (LFI) vulnerability exists in admin/plugin.php at line 80. The $plugin parameter from the GET request is directly used in a require_once path without proper sanitization. If the CSRF token check canβ¦