| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
Known vulnerabilities affecting Python products and systems
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-5271 | pymanager included the current working directory in sys.path meaning modules could be shadowed by modules in the current working directory. As a result, if a user executes a pymanager-generated comman... | 7.8 | 431 | Neutral | No | Yes |
| CVE-2026-4538 | A vulnerability was identified in PyTorch 2.10.0. The affected element is an unknown function of the component pt2 Loading Handler. The manipulation leads to deserialization. The attack can only be pe... | 7.8 | 517 | Neutral | No | Yes |
| CVE-2026-4519 | The webbrowser.open() API would accept leading dashes in the URL which could be handled as command line options for certain web browsers. New behavior rejects leading dashes. Users are recommended t... | 3.3 | 180 | Neutral | No | Yes |
| CVE-2026-44339 | ### Summary `praisonaiagents` resolves unresolved tool names against module globals and `__main__` after it fails to match the declared tool list and the registry. With the default agent configuration... | 8.6 | 536 | Neutral | No | Yes |
| CVE-2026-44335 | ### Summary The URL checking logic in PraisonAI has a logical flaw that could be bypassed by attackers, leading to SSRF attacks. ### Details The current PraisonAI project uses _validate_url to valida... | 9.8 | 717 | Neutral | No | Yes |
| CVE-2026-44244 | `GitConfigParser.set_value()` passes values to Python's `configparser` without validating for newlines. GitPython's own `_write()` converts embedded newlines into indented continuation lines (e.g. `\n... | 7.8 | 594 | Neutral | No | Yes |
| CVE-2026-44243 | ## 🧾 Summary A vulnerability in **GitPython** allows **attackers who can supply a crafted reference path to an application using GitPython** to **write, overwrite, move, or delete files outside the ... | 7.1 | 427 | Neutral | No | Yes |
| CVE-2026-43003 | An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0. Ironic Python Agent (IPA) sometimes executes grub-install from within a chroot of the deployed partition image, leading t... | 7.5 | 379 | Neutral | No | Yes |
| CVE-2026-4269 | ## Summary An issue has been identified in the Bedrock AgentCore Starter Toolkit versions prior to v0.1.13 that may allow a remote actor to inject code during the build process, leading to code execut... | 7.5 | 379 | Neutral | No | Yes |
| CVE-2026-42310 | ### Impact An attacker can supply a malicious PDF that causes the process to hang indefinitely, consuming 100% CPU and making the application unresponsive. ### Patches Patched version: 12.2.0. PdfPa... | 5.5 | 125 | Neutral | No | Yes |
| CVE-2026-42309 | Passing nested lists as coordinates to APIs that accept coordinates such as `ImagePath.Path`, `ImageDraw.ImageDraw.polygon` and `ImageDraw.ImageDraw.line` could cause a heap buffer overflow, as nested... | 5.5 | 125 | Neutral | No | Yes |
| CVE-2026-42308 | If a font advances for each glyph by an exceeding large amount, when Pillow keeps track of the current position, it may lead to an integer overflow. This has been fixed. | 5.5 | 125 | Neutral | No | Yes |
| CVE-2026-42284 | ### Summary `_clone()` validates `multi_options` as the original list, then executes `shlex.split(" ".join(multi_options))`. A string like `"--branch main --config core.hooksPath=/x"` passes validati... | 9.8 | 588 | Neutral | No | Yes |
| CVE-2026-42215 | ### Summary GitPython blocks dangerous Git options such as `--upload-pack` and `--receive-pack` by default, but the equivalent Python kwargs `upload_pack` and `receive_pack` bypass that check. If an a... | 8.8 | 708 | Neutral | No | Yes |
| CVE-2026-41496 | The fix for [CVE-2026-40315](https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-x783-xp3g-mqhp) added input validation to `SQLiteConversationStore` only. Nine sibling backends — MySQL... | 8.1 | 605 | Neutral | No | Yes |
| CVE-2026-41206 | ### Summary The plugin security validator in PySpector uses AST-based static analysis to prevent dangerous code from being loaded as plugins. The blocklist implemented in `PluginSecurity.validate_plu... | 7.8 | 431 | Neutral | No | Yes |
| CVE-2026-40594 | ## Summary The `set_session_cookie_secure` `before_request` handler in `src/pyload/webui/app/__init__.py` reads the `X-Forwarded-Proto` header from any HTTP request without validating that the reques... | 4.8 | 112 | Neutral | No | Yes |
| CVE-2026-40347 | ### Summary A denial of service vulnerability exists when parsing crafted `multipart/form-data` requests with large preamble or epilogue sections. ### Details Two inefficient multipart parsing path... | 5.3 | 124 | Neutral | No | Yes |
| CVE-2026-40289 | ### Summary `praisonai browser start` exposes the browser bridge on `0.0.0.0` by default, and its `/ws` endpoint accepts websocket clients that omit the `Origin` header entirely. An unauthenticated ne... | 9.1 | 696 | Neutral | No | Yes |
| CVE-2026-40288 | `praisonai workflow run <file.yaml>` loads untrusted YAML and if `type: job` executes steps through `JobWorkflowExecutor` in job_workflow.py. This supports: - `run:` → shell command execution via `su... | 9.8 | 751 | Neutral | No | Yes |