|
2231
|
7.3 |
HIGH
Network
|
-
|
-
|
Se ha identificado una debilidad en Sinaptik AI PandasAI hasta la versión 3.0.0. Esta vulnerabilidad afecta a la función CodeExecutor.execute del archivo pandasai/core/code_execution/code_executor.py…
|
CWE-74
CWE-94
Injection
Code Injection
|
CVE-2026-4998
|
2026-04-25 01:36 |
2026-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2232
|
5.3 |
MEDIUM
Local
|
-
|
-
|
A vulnerability was identified in kazuph mcp-docs-rag up to 0.5.0. Affected is the function cloneRepository of the file src/index.ts of the component add_git_repository/add_text_file. The manipulatio…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-5007
|
2026-04-25 01:36 |
2026-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2233
|
5.3 |
MEDIUM
Local
|
-
|
-
|
Se identificó una vulnerabilidad en kazuph mcp-docs-rag hasta la versión 0.5.0. La función afectada es cloneRepository del archivo src/index.ts del componente add_git_repository/add_text_file. La man…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-5007
|
2026-04-25 01:36 |
2026-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2234
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in elecV2 elecV2P up to 3.8.3. This vulnerability affects the function runJSFile of the file /webhook of the component JSON Parser. Performing a manipulation of the argum…
|
CWE-74
CWE-94
Injection
Code Injection
|
CVE-2026-5011
|
2026-04-25 01:36 |
2026-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2235
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in z-9527 admin up to 72aaf2dd05cf4ec2e98f390668b41e128eec5ad2. This issue affects the function uploadFile of the file /server/utils/upload.js of the compon…
|
CWE-22
Path Traversal
|
CVE-2026-4999
|
2026-04-25 01:36 |
2026-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2236
|
6.3 |
MEDIUM
Network
|
-
|
-
|
Una vulnerabilidad de seguridad ha sido detectada en z-9527 admin hasta 72aaf2dd05cf4ec2e98f390668b41e128eec5ad2. Este problema afecta la función uploadFile del archivo /server/utils/upload.js del co…
|
CWE-22
Path Traversal
|
CVE-2026-4999
|
2026-04-25 01:36 |
2026-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2237
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was detected in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. Impacted is the function LocalGPTHandler of the file backend/server.py of the component API Endp…
|
CWE-287
CWE-306
Improper Authentication
Missing Authentication for Critical Function
|
CVE-2026-5000
|
2026-04-25 01:36 |
2026-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2238
|
7.3 |
HIGH
Network
|
-
|
-
|
Se detectó una vulnerabilidad en PromtEngineer localGPT hasta 4d41c7d1713b16b216d8e062e51a5dd88b20b054. Afectada es la función LocalGPTHandler del archivo backend/server.py del componente API Endpoin…
|
CWE-287
CWE-306
Improper Authentication
Missing Authentication for Critical Function
|
CVE-2026-5000
|
2026-04-25 01:36 |
2026-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2239
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The affected element is the function do_POST of the file backend/server.py. This manipulation causes un…
|
CWE-284
CWE-434
Improper Access Control
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-5001
|
2026-04-25 01:36 |
2026-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2240
|
7.3 |
HIGH
Network
|
-
|
-
|
Se ha encontrado una vulnerabilidad en PromtEngineer localGPT hasta 4d41c7d1713b16b216d8e062e51a5dd88b20b054. El elemento afectado es la función do_POST del archivo backend/servidor.py. Esta manipula…
|
CWE-284
CWE-434
Improper Access Control
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-5001
|
2026-04-25 01:36 |
2026-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
