Exim 4.88 before 4.99.4, in some proxy configurations, mishandles certain short payloads, leading to disclosure of uninitialized stack memory values to a client.
praisonai-platform: Any workspace member can promote themselves or others to owner via PATCH /workspaces/{id}/members/{user_id}
praisonai-platform: Missing authorization on member removal enables full workspace takeover by any user regardless of role
praisonai-platform: Label endpoints' unchecked label_id/issue_id enable cross-workspace label IDOR (edit, delete, link)
praisonai-platform: IDOR in dependency endpoints allows cross-workspace issue linking, reading, and deletion due to missing ownership checks
praisonai-platform: JWT signing key defaults to hardcoded "dev-secret-change-me", allowing token forgery for any user when PLATFORM_ENV is unset
PraisonAI Platform: Missing role checks let any workspace member become owner and control workspace membership
PraisonAI Platform workspace-scoped routes allow cross-workspace object access by global object ID
PraisonAI Platform has a cross-workspace IDOR + member-role privilege escalation
praisonai-platform: list_issue_activity returns activity log for any issue regardless of workspace ownership
PraisonAI has Cross-Workspace IDOR and Privilege Escalation via Platform API
PraisonAI has an Arbitrary File Write in Python API
PraisonAI's unauthenticated A2A official example can reach real LLM-driven `eval()` tool execution
PraisonAI vulnerable to unauthenticated arbitrary file read via MCP workflow.show, workflow.validate, deploy.validate
PraisonAI vulnerable to sandbox escape via `print.__self__` builtins module leak in `execute_code` (subprocess mode)
PraisonAI CLI automatically resolves @url mentions in prompt text and can read loopback URLs into model context
PraisonAI `deploy --type api` emits a Flask server with authentication disabled by default
PraisonAI call server exposes unauthenticated agent listing, invocation, and deletion when CALL_SERVER_TOKEN is unset
PraisonAI spider_tools SSRF protection bypass via alternate loopback host encodings
PraisonAI: Arbitrary code execution via unguarded `spec.loader.exec_module` in `agents_generator.py` - sibling of CVE-2026-44334