CVE-2026-59791 - JetBrains YouTrack CSS Injection
CVE ID :CVE-2026-59791
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :In JetBrains YouTrack before 2026.2.17012 cSS injection via Mermaid diagram rendering was possible
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-59791
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :In JetBrains YouTrack before 2026.2.17012 cSS injection via Mermaid diagram rendering was possible
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-59792 - JetBrains IntelliJ IDEA Path Traversal Remote Code Execution
CVE ID :CVE-2026-59792
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :In JetBrains IntelliJ IDEA before 2026.1.4, 2026.2 code execution via path traversal in project workspace ID handling was possible
Severity: 9.6 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-59792
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :In JetBrains IntelliJ IDEA before 2026.1.4, 2026.2 code execution via path traversal in project workspace ID handling was possible
Severity: 9.6 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-59793 - JetBrains TeamCity Perforce VCS Integration Arbitrary File Access Vulnerability
CVE ID :CVE-2026-59793
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :In JetBrains TeamCity before 2026.1.2 arbitrary file access was possible via the Perforce VCS integration
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-59793
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :In JetBrains TeamCity before 2026.1.2 arbitrary file access was possible via the Perforce VCS integration
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-59794 - JetBrains TeamCity Stored Cross-Site Scripting Vulnerability
CVE ID :CVE-2026-59794
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :In JetBrains TeamCity before 2026.1.2 stored XSS on the cloud profile page was possible via agent-reported data
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-59794
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :In JetBrains TeamCity before 2026.1.2 stored XSS on the cloud profile page was possible via agent-reported data
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-59795 - JetBrains TeamCity Stored Cross-Site Scripting
CVE ID :CVE-2026-59795
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :In JetBrains TeamCity before 2026.1.2 stored XSS via unauthenticated agent registration was possible
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-59795
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :In JetBrains TeamCity before 2026.1.2 stored XSS via unauthenticated agent registration was possible
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-59796 - JetBrains TeamCity Unauthorized Pipeline Modification Vulnerability
CVE ID :CVE-2026-59796
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :In JetBrains TeamCity before 2026.1.2 pipeline modification was possible due to improper permission checks
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-59796
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :In JetBrains TeamCity before 2026.1.2 pipeline modification was possible due to improper permission checks
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-60086 - PraisonAI before 4.6.78 Prompt Injection Defense Bypass
CVE ID :CVE-2026-60086
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :PraisonAI before 4.6.78 contains a prompt injection defense bypass vulnerability where the injection defense only blocks threats classified as CRITICAL, requiring three or more detector families to match simultaneously. Attackers can craft single or double-vector prompt injections that are classified as HIGH threat level and pass through unblocked to reach the model.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-60086
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :PraisonAI before 4.6.78 contains a prompt injection defense bypass vulnerability where the injection defense only blocks threats classified as CRITICAL, requiring three or more detector families to match simultaneously. Attackers can craft single or double-vector prompt injections that are classified as HIGH threat level and pass through unblocked to reach the model.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-60089 - PraisonAI before 1.6.78 Path Traversal via config.toml
CVE ID :CVE-2026-60089
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :PraisonAI (pip package praisonaiagents) before 1.6.78 automatically loads defaults from a project-local .praisonai/config.toml when constructing an Agent, and does not validate the defaults.output.output_file path. A repository-controlled config file can set output_file to an absolute or '..' traversal path; when the developer subsequently calls agent.start() without explicitly passing an output parameter, PraisonAI writes the agent response to that path (creating parent directories as needed), allowing an untrusted checked-out project to overwrite files outside the project root with the privileges of the user running PraisonAI.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-60089
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :PraisonAI (pip package praisonaiagents) before 1.6.78 automatically loads defaults from a project-local .praisonai/config.toml when constructing an Agent, and does not validate the defaults.output.output_file path. A repository-controlled config file can set output_file to an absolute or '..' traversal path; when the developer subsequently calls agent.start() without explicitly passing an output parameter, PraisonAI writes the agent response to that path (creating parent directories as needed), allowing an untrusted checked-out project to overwrite files outside the project root with the privileges of the user running PraisonAI.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-60091 - PraisonAI before 4.6.78 Unauthenticated SSRF via webhook_url
CVE ID :CVE-2026-60091
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :PraisonAI before 4.6.78 contains an unauthenticated server-side request forgery vulnerability in the Jobs API /api/v1/runs endpoint. The webhook_url parameter is validated at request time but re-resolved at connection time, allowing attackers to use DNS rebinding to reach internal services with a blind SSRF attack.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-60091
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :PraisonAI before 4.6.78 contains an unauthenticated server-side request forgery vulnerability in the Jobs API /api/v1/runs endpoint. The webhook_url parameter is validated at request time but re-resolved at connection time, allowing attackers to use DNS rebinding to reach internal services with a blind SSRF attack.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-61431 - PraisonAI before 4.6.78 Path Traversal via ContextGatherer
CVE ID :CVE-2026-61431
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :PraisonAI before 4.6.78 contains a path traversal vulnerability in ContextGatherer that fails to validate include paths in .praisoncontext and .praisoninclude files. Attackers can supply absolute paths or parent directory traversal sequences to read arbitrary files outside the workspace and include their contents in the generated context bundle.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-61431
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :PraisonAI before 4.6.78 contains a path traversal vulnerability in ContextGatherer that fails to validate include paths in .praisoncontext and .praisoninclude files. Attackers can supply absolute paths or parent directory traversal sequences to read arbitrary files outside the workspace and include their contents in the generated context bundle.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-61432 - PraisonAI FastContext before 1.6.78 Path Traversal
CVE ID :CVE-2026-61432
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :PraisonAI (praisonaiagents) before 1.6.78 contains a path traversal vulnerability in the FastContext feature (praisonaiagents.context.fast). FastContextAgent.execute_tool() prepends the configured workspace_path only for relative paths and neither rejects absolute paths nor canonicalizes joined paths before enforcing workspace containment. As a result, tool arguments or model-generated function calls to grep_search, glob_search, read_file, or list_directory can supply absolute paths or '../' traversal sequences to read, search, and enumerate files outside the intended workspace directory, with file contents returned to the caller or injected into the model's tool-result context.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-61432
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :PraisonAI (praisonaiagents) before 1.6.78 contains a path traversal vulnerability in the FastContext feature (praisonaiagents.context.fast). FastContextAgent.execute_tool() prepends the configured workspace_path only for relative paths and neither rejects absolute paths nor canonicalizes joined paths before enforcing workspace containment. As a result, tool arguments or model-generated function calls to grep_search, glob_search, read_file, or list_directory can supply absolute paths or '../' traversal sequences to read, search, and enumerate files outside the intended workspace directory, with file contents returned to the caller or injected into the model's tool-result context.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-61434 - PraisonAI before 4.6.78 Allowlist Bypass via find -exec
CVE ID :CVE-2026-61434
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :PraisonAI versions before 4.6.78 contain an allowlist bypass vulnerability in shell command execution that allows attackers to execute restricted commands via find's built-in -exec, -execdir, and -delete actions. Attackers can craft find commands with these built-in actions to read blocked files, delete files, or execute non-allowlisted binaries without triggering shell metacharacter filters.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-61434
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :PraisonAI versions before 4.6.78 contain an allowlist bypass vulnerability in shell command execution that allows attackers to execute restricted commands via find's built-in -exec, -execdir, and -delete actions. Attackers can craft find commands with these built-in actions to read blocked files, delete files, or execute non-allowlisted binaries without triggering shell metacharacter filters.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-61437 - PraisonAI before 1.6.78 Remote Code Execution via tools.py
CVE ID :CVE-2026-61437
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :PraisonAI (pip package praisonaiagents) before 1.6.78 contains an unsafe dynamic module loading vulnerability in AgentFlow._resolve_pydantic_class (src/praisonai-agents/praisonaiagents/workflows/workflows.py). When a workflow step uses a string output_pydantic reference, the framework locates and imports a sibling tools.py from the workflow file's directory via importlib exec_module without sandboxing, ignoring the PRAISONAI_ALLOW_*_TOOLS environment variables. An attacker who controls a workflow file and its sibling tools.py can execute arbitrary Python code with the workflow runner's privileges when the workflow is executed via WorkflowManager or after load_yaml.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-61437
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :PraisonAI (pip package praisonaiagents) before 1.6.78 contains an unsafe dynamic module loading vulnerability in AgentFlow._resolve_pydantic_class (src/praisonai-agents/praisonaiagents/workflows/workflows.py). When a workflow step uses a string output_pydantic reference, the framework locates and imports a sibling tools.py from the workflow file's directory via importlib exec_module without sandboxing, ignoring the PRAISONAI_ALLOW_*_TOOLS environment variables. An attacker who controls a workflow file and its sibling tools.py can execute arbitrary Python code with the workflow runner's privileges when the workflow is executed via WorkflowManager or after load_yaml.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-61441 - PraisonAI Platform before 0.1.9 Authorization Bypass via Dependencies
CVE ID :CVE-2026-61441
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :PraisonAI Platform (praisonai-platform) before 0.1.9 improperly authorizes deletion of issue dependencies. The DELETE dependency route accepts either endpoint of a dependency edge and checks delete permission only against the caller-selected URL issue. A workspace member who cannot delete a dependency through an owner-created issue endpoint (which returns 403) can delete the same dependency edge by targeting a related member-owned issue endpoint, because permission is validated against the member-owned issue's owner. This allows members to bypass owner/admin authorization and remove owner-created issue dependencies.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-61441
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :PraisonAI Platform (praisonai-platform) before 0.1.9 improperly authorizes deletion of issue dependencies. The DELETE dependency route accepts either endpoint of a dependency edge and checks delete permission only against the caller-selected URL issue. A workspace member who cannot delete a dependency through an owner-created issue endpoint (which returns 403) can delete the same dependency edge by targeting a related member-owned issue endpoint, because permission is validated against the member-owned issue's owner. This allows members to bypass owner/admin authorization and remove owner-created issue dependencies.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-61444 - PraisonAI before 4.6.78 Code Injection via f-string
CVE ID :CVE-2026-61444
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :PraisonAI versions before 4.6.78 contain a code injection vulnerability in deploy/api.py where the agents_file parameter is directly interpolated into an f-string without sanitization. Attackers can inject arbitrary Python code that executes when the generated server code runs via subprocess.Popen().
Severity: 9.4 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-61444
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :PraisonAI versions before 4.6.78 contain a code injection vulnerability in deploy/api.py where the agents_file parameter is directly interpolated into an f-string without sanitization. Attackers can inject arbitrary Python code that executes when the generated server code runs via subprocess.Popen().
Severity: 9.4 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-61450 - Grav before 2.0.2 Config Exfiltration via offsetGet Filter
CVE ID :CVE-2026-61450
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :Grav before 2.0.2 contains a Twig sandbox bypass that allows a page author (any admin.pages user, or anyone able to write to user/pages) to exfiltrate configuration secrets. Although the sandbox replaces the 'config' variable with a redacted facade and strips Config::get/toArray from the method allowlist, the raw container remains accessible via the allow-listed grav.offsetGet('config'), which returns the real Config object. Allow-listed object-dumping filters (json_encode, print_r, yaml_encode) then serialize that object at the PHP level without invoking the sandbox method gate, exposing the full config tree including plugin secrets such as SMTP credentials, API keys, and plugin DB credentials. This is an incomplete fix for GHSA-j274-39qw-32c9.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-61450
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :Grav before 2.0.2 contains a Twig sandbox bypass that allows a page author (any admin.pages user, or anyone able to write to user/pages) to exfiltrate configuration secrets. Although the sandbox replaces the 'config' variable with a redacted facade and strips Config::get/toArray from the method allowlist, the raw container remains accessible via the allow-listed grav.offsetGet('config'), which returns the real Config object. Allow-listed object-dumping filters (json_encode, print_r, yaml_encode) then serialize that object at the PHP level without invoking the sandbox method gate, exposing the full config tree including plugin secrets such as SMTP credentials, API keys, and plugin DB credentials. This is an incomplete fix for GHSA-j274-39qw-32c9.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-61455 - Grav before 2.0.1 Decompression Bomb via ZipArchiver
CVE ID :CVE-2026-61455
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :Grav before 2.0.1 contains a decompression bomb vulnerability in ZipArchiver::extract() that lacks limits on uncompressed size, file count, and nesting depth. Attackers can supply a crafted ZIP archive that expands to fill available disk space, causing denial of service by exhausting storage resources.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-61455
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :Grav before 2.0.1 contains a decompression bomb vulnerability in ZipArchiver::extract() that lacks limits on uncompressed size, file count, and nesting depth. Attackers can supply a crafted ZIP archive that expands to fill available disk space, causing denial of service by exhausting storage resources.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-61456 - Grav before 1.0.3 Stored XSS via SVG Upload API
CVE ID :CVE-2026-61456
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :The Grav API plugin (getgrav/grav-plugin-api) before 1.0.3 fails to sanitize SVG files uploaded through the POST /api/v1/media endpoint. The HandlesMediaUploads::processUploadedFile() method validates only the file extension and never invokes Security::sanitizeSVG(), so an authenticated attacker with the api.media.write permission can upload an SVG containing arbitrary JavaScript. The file is stored unmodified and served with Content-Type: image/svg+xml; when an administrator opens it in a browser (directly or via /
CVE ID :CVE-2026-61456
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :The Grav API plugin (getgrav/grav-plugin-api) before 1.0.3 fails to sanitize SVG files uploaded through the POST /api/v1/media endpoint. The HandlesMediaUploads::processUploadedFile() method validates only the file extension and never invokes Security::sanitizeSVG(), so an authenticated attacker with the api.media.write permission can upload an SVG containing arbitrary JavaScript. The file is stored unmodified and served with Content-Type: image/svg+xml; when an administrator opens it in a browser (directly or via /
CVE-2026-61492 - JetBrains YouTrack Stored Cross-Site Scripting
CVE ID :CVE-2026-61492
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :In JetBrains YouTrack before 2026.2.17394 stored XSS via article titles in digest emails was possible
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-61492
Published : July 10, 2026, 3:16 p.m. | 1 hour, 3 minutes ago
Description :In JetBrains YouTrack before 2026.2.17394 stored XSS via article titles in digest emails was possible
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-55501 - 9router: Login brute-force protection bypass via spoofed X-Forwarded-For header
CVE ID :CVE-2026-55501
Published : July 10, 2026, 3:23 p.m. | 56 minutes ago
Description :9Router is an AI router & token saver. Prior to 0.4.80, the dashboard login rate limiter in src/lib/auth/loginLimiter.js derives the client identity from the attacker-controlled X-Forwarded-For HTTP header, and src/app/api/auth/login/route.js uses that spoofable value for checkLock and recordFail. A remote attacker can rotate the X-Forwarded-For value on each login attempt to receive a fresh rate-limit bucket, bypass the 5-attempt threshold and progressive lockout durations, and perform unlimited brute-force attempts against the dashboard password. This issue is fixed in version 0.4.80.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-55501
Published : July 10, 2026, 3:23 p.m. | 56 minutes ago
Description :9Router is an AI router & token saver. Prior to 0.4.80, the dashboard login rate limiter in src/lib/auth/loginLimiter.js derives the client identity from the attacker-controlled X-Forwarded-For HTTP header, and src/app/api/auth/login/route.js uses that spoofable value for checkLock and recordFail. A remote attacker can rotate the X-Forwarded-For value on each login attempt to receive a fresh rate-limit bucket, bypass the 5-attempt threshold and progressive lockout durations, and perform unlimited brute-force attempts against the dashboard password. This issue is fixed in version 0.4.80.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-15143 - Guardrails-detectors: guardrails-detectors: ssrf and local file read via user-supplied xml schema (xml-with-schema:)
CVE ID :CVE-2026-15143
Published : July 10, 2026, 3:25 p.m. | 55 minutes ago
Description :A flaw was found in the file_type content detector of guardrails-detectors. This vulnerability allows a remote attacker to supply an arbitrary XML Schema Definition (XSD) string, which is processed without proper restrictions. This can lead to server-side requests to arbitrary URLs or local file reads, potentially resulting in sensitive information disclosure, such as cloud provider credentials or access to internal network services.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-15143
Published : July 10, 2026, 3:25 p.m. | 55 minutes ago
Description :A flaw was found in the file_type content detector of guardrails-detectors. This vulnerability allows a remote attacker to supply an arbitrary XML Schema Definition (XSD) string, which is processed without proper restrictions. This can lead to server-side requests to arbitrary URLs or local file reads, potentially resulting in sensitive information disclosure, such as cloud provider credentials or access to internal network services.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...