Résumé
CoreWCF: Unix Domain Socket PosixIdentity transport accepts connections that skip the security upgrade
Références
Vulnérabilités liées
Tout Supply chain →- MEDIUMGHSA-JR33-MW75-7J8F
dbt MCP Server: Unauthenticated OAuth Context Endpoint Leaks dbt Platform Tokens
- HIGHGHSA-FQ4X-789W-JG5H
AgenticMail: Unauthenticated inbound mail triggers bypassPermissions resume of the operator's Claude Code session (bridge-wake)
- HIGHGHSA-JXCW-QP4H-6JFQ
PraisonAI A2U incomplete authentication fix leaves current serve command unauthenticated by default
- CRITICALGHSA-J4F3-55X4-R6Q2
npm PraisonAI MCPServer exposes unauthenticated HTTP tools/call
- CRITICALGHSA-9752-MHQH-H34F
npm PraisonAI AgentOS exposes unauthenticated agent listing and invocation
- CRITICALGHSA-P75F-6FP4-P57W
PraisonAI: Missing Authentication for Critical Function and Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in praisonai