CRITICAL9.1NASA AMMOS Instrument Toolkit: Path traversal resulting in arbitrary file append (can be triggered over the network by unauthenticated attacker)
CRITICAL9.1Apache Airflow: BashOperator Jinja2 injection via dag_run.conf — low-privilege user pattern
CRITICAL9.6praisonai-platform: Any workspace member can add arbitrary user as owner via POST /workspaces/{id}/members
CRITICAL9.6praisonai-platform: Any workspace member can promote themselves or others to owner via PATCH /workspaces/{id}/members/{user_id}
CRITICAL9.8praisonai-platform: JWT signing key defaults to hardcoded "dev-secret-change-me", allowing token forgery for any user when PLATFORM_ENV is unset
CRITICAL9.8PraisonAI's unauthenticated A2A official example can reach real LLM-driven `eval()` tool execution
CRITICAL9.9PraisonAI vulnerable to sandbox escape via `print.__self__` builtins module leak in `execute_code` (subprocess mode)
CRITICAL9.8PraisonAI `deploy --type api` emits a Flask server with authentication disabled by default
CRITICAL9.8PraisonAI call server exposes unauthenticated agent listing, invocation, and deletion when CALL_SERVER_TOKEN is unset
CRITICAL9.8EPSS 0.08%amazon-redshift-python-driver vulnerable to Remote Code Execution via eval() Injection
CRITICAL9.6EPSS 0.04%Improper Origin Validation in mlflow/mlflow
CRITICAL9.1Yamcs Vulnerable to Authenticated Remote Code Execution (RCE) via Jython Algorithm Code Injection
CRITICAL9.8Yamcs Vulnerable to Remote Code Execution via Mission Database algorithm override
CRITICAL9.8EPSS 0.08%Langroid has Prompt to SQL Injection, Leading to RCE
CRITICAL9.1Yamcs Vulnerable to Server-Side Code Injection (RCE) via Janino Expression Engine in `JavaExprAlgorithmExecutionFactory`