PraisonAI Platform has a cross-workspace IDOR + member-role privilege escalation
praisonai-platform: list_issue_activity returns activity log for any issue regardless of workspace ownership
PraisonAI has Cross-Workspace IDOR and Privilege Escalation via Platform API
PraisonAI has an Arbitrary File Write in Python API
PraisonAI's unauthenticated A2A official example can reach real LLM-driven `eval()` tool execution
PraisonAI vulnerable to unauthenticated arbitrary file read via MCP workflow.show, workflow.validate, deploy.validate
PraisonAI vulnerable to sandbox escape via `print.__self__` builtins module leak in `execute_code` (subprocess mode)
PraisonAI CLI automatically resolves @url mentions in prompt text and can read loopback URLs into model context
PraisonAI `deploy --type api` emits a Flask server with authentication disabled by default
PraisonAI call server exposes unauthenticated agent listing, invocation, and deletion when CALL_SERVER_TOKEN is unset
PraisonAI spider_tools SSRF protection bypass via alternate loopback host encodings
PraisonAI: Arbitrary code execution via unguarded `spec.loader.exec_module` in `agents_generator.py` - sibling of CVE-2026-44334
A race condition in the shared Extreme Platform ONE IAM Gateway API-key authentication path could, under specific high-concurrency traffic conditions, intermittently allow requests authenticated with an Extreme Platform ONE/IAM-issued API key to receive response data for another tenant. The issue w...
Nezha Monitoring is a self-hostable, lightweight server and website monitoring and O&M tool. From version 0.20.0 to before version 2.0.10, an authenticated Nezha dashboard user can create or update a DDNS profile with provider webhook and configure an arbitrary webhook_url, HTTP method, reque...
Admidio: Any logged-in user can delete inventory fields via `mode=field_delete` - incomplete fix of #2024
Admidio writes session IDs and auto-login cookie values to application logs
Admidio PKCS#12 private key export action lacks CSRF protection
Admidio has IDOR in `documents-files.php` `mode=move_save` that lets any folder-uploader exfiltrate files from private folders
Admidio: IDOR in documents-files.php allows cross-folder file rename and description changes by unauthorized uploaders
Admidio: CSRF in SSO client `enable` action toggles SAML/OIDC clients without token validation