Common Weakness Enumeration

CWE-1188

Allowed

Initialization of a Resource with an Insecure Default

Abstraction: Base · Status: Incomplete

The product initializes or sets a resource with a default that is intended to be changed by the product's installer, administrator, or maintainer, but the default is not secure.

402 vulnerabilities reference this CWE, most recent first.

GHSA-6F2R-5P58-WVRF

Vulnerability from github – Published: 2025-11-04 03:30 – Updated: 2025-11-04 15:31
VLAI
Details

By failing to authenticate three times to an unconfigured Abilis CPX device via SSH, an attacker can login to a restricted shell on the fourth attempt, and from there, relay connections.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-35021"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1188"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-11-04T01:15:33Z",
    "severity": "MODERATE"
  },
  "details": "By failing to authenticate three times to an unconfigured Abilis CPX device via SSH, an attacker can login to a restricted shell on the fourth attempt, and from there, relay connections.",
  "id": "GHSA-6f2r-5p58-wvrf",
  "modified": "2025-11-04T15:31:31Z",
  "published": "2025-11-04T03:30:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-35021"
    },
    {
      "type": "WEB",
      "url": "https://support.abilis.net/relnotes/cpx2k/R9.0.html#R9.0.7"
    },
    {
      "type": "WEB",
      "url": "https://takeonme.org/cves/cve-2025-35021"
    },
    {
      "type": "WEB",
      "url": "https://takeonme.org/gcves/GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111111111011111111110000000000000000000000000000000000000000000000000000000100"
    },
    {
      "type": "WEB",
      "url": "https://www.runzero.com/advisories/abilis-cpx-authentication-bypass-cve-2025-35021"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6G8Q-HP2J-GVWV

Vulnerability from github – Published: 2026-01-05 20:25 – Updated: 2026-01-08 21:18
VLAI
Summary
Harvest May Expose OS Default SSH Login Password Via SUSE Virtualization Interactive Installer
Details

Impact

Projects using the SUSE Virtualization (Harvester) environment are vulnerable to this exploit if they are using the 1.5.x or 1.6.x interactive installer to either create a new cluster or add new hosts to an existing cluster. The environment is not affected if the PXE boot mechanism is utilized along with the Harvester configuration setup.

A critical vulnerability has been identified within the SUSE Virtualization interactive installer. This vulnerability allows an attacker to gain unauthorized network access to the host via a remote shell (SSH).

The SUSE Virtualization operating system includes a default administrative login credential intended solely for out-of-band cluster management tasks (for example, perform troubleshooting, device management and system recovery over serial ports). When the interactive installer is used to create or expand a cluster, the installer enables the host's networking functions before the default password is reset. This presents a window of opportunity for an attacker to exploit the default password to gain unauthorized access to the host via SSH.

Please consult the associated MITRE ATT&CK - Technique - Default Credentials for further information about this category of attack.

Patches

This vulnerability is addressed by updating the interactive installer to allow the user to reset the OS default login password, before proceeding to other system configuration screens like the host networking screen and before network connectivity for remote access to the host is actually enabled.

v1.7.0 and later include the necessary security fixes.

Workarounds

For environments that are dependent on the SUSE Virtualization 1.5 and 1.6 interactive installer, users should upgrade the clusters to SUSE Virtualization 1.7 and use the 1.7 installer to manage hosts. These versions allow users to reset the operating system's default administrative password before proceeding to other system configuration screens and before enabling network connectivity for remote host access.

Projects can also perform one of the following workarounds to mitigate the risk:

  • If upgrading to v1.7.x is not an option, use the PXE boot mechanism along with a configuration file to define a secure password.
  • Apply network security controls to limit access to the server from any untrusted location during bootstrapping. For example, ensure that port 22 is not exposed to the public internet until at least the default login password is changed to a secure value.

Resources

If users have any questions or comments about this advisory: * Reach out to the SUSE Rancher Security team for security related inquiries. * Open an issue in the Harvester repository. * Verify with the support matrix and product support lifecycle.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/harvester/harvester-installer"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.6.0"
            },
            {
              "last_affected": "1.6.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/harvester/harvester-installer"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.5.0"
            },
            {
              "last_affected": "1.5.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-62877"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1188"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-01-05T20:25:53Z",
    "nvd_published_at": "2026-01-08T13:15:41Z",
    "severity": "CRITICAL"
  },
  "details": "### Impact\n\nProjects using the SUSE Virtualization (Harvester) environment are vulnerable to this exploit if they are using the 1.5.x or 1.6.x interactive installer to either create a new cluster or add new hosts to an existing cluster.  The environment is not affected if the [PXE boot mechanism](https://docs.harvesterhci.io/v1.7/install/pxe-boot-install/) is utilized along with the [Harvester configuration](https://docs.harvesterhci. io/v1.7/install/harvester-configuration) setup.\n\nA critical vulnerability has been identified within the SUSE Virtualization interactive installer. This vulnerability allows an attacker to gain unauthorized network access to the host via a remote shell (SSH).\n\nThe SUSE Virtualization operating system includes a default administrative login credential intended solely for out-of-band cluster management tasks (for example, perform troubleshooting, device management and system recovery over serial ports). When the interactive installer is used to create or expand a cluster, the installer enables the host\u0027s networking functions before the default password is reset. This presents a window of opportunity for an attacker to exploit the default password to gain unauthorized access to the host via SSH. \n\nPlease consult the associated  [MITRE ATT\u0026CK - Technique - Default Credentials](https://attack.mitre.org/techniques/T0812/) for further information about this category of attack.\n\n### Patches\n\nThis vulnerability is addressed by updating the interactive installer to allow the user to reset the OS default login password, before proceeding to other system configuration screens like the host networking screen and before network connectivity for remote access to the host is actually enabled. \n\nv1.7.0 and later include the necessary security fixes. \n\n### Workarounds\n\nFor environments that are dependent on the SUSE Virtualization 1.5 and 1.6 interactive installer, users should upgrade the clusters to SUSE Virtualization 1.7 and use the 1.7 installer to manage hosts. These versions allow users to reset the operating system\u0027s default administrative password before proceeding to other system configuration screens and before enabling network connectivity for remote host access.\n\nProjects can also perform one of the following workarounds to mitigate the risk:\n\n* If upgrading to v1.7.x is not an option, use the [PXE boot mechanism](https://docs.harvesterhci.io/v1.7/install/pxe-boot-install/) along with a configuration file to define a secure password. \n* Apply network security controls to limit access to the server from any untrusted location during bootstrapping. For example, ensure that port 22 is not exposed to the public internet until at least the default login password is changed to a secure value.\n\n### Resources\n\nIf users have any questions or comments about this advisory: \n* Reach out to the [SUSE Rancher Security team](https://github.com/harvester/harvester/security/policy) for security related inquiries.\n* Open an issue in the [Harvester](https://github.com/harvester/harvester/issues/new/choose) repository.\n* Verify with the [support matrix](https://www.suse.com/suse-harvester/support-matrix/all-supported-versions/harvester-v1-6-x/) and [product support lifecycle](https://www.suse.com/lifecycle/#suse-virtualization).",
  "id": "GHSA-6g8q-hp2j-gvwv",
  "modified": "2026-01-08T21:18:48Z",
  "published": "2026-01-05T20:25:53Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/harvester/harvester/security/advisories/GHSA-6g8q-hp2j-gvwv"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62877"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-62877"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/harvester/harvester"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Harvest May Expose OS Default SSH Login Password Via SUSE Virtualization Interactive Installer"
}

GHSA-6HP8-P722-7744

Vulnerability from github – Published: 2022-12-13 18:30 – Updated: 2022-12-15 06:30
VLAI
Details

In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to observe the user's password on a secondary display due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-179725730

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-20466"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1188"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-12-13T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to observe the user\u0027s password on a secondary display due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-179725730",
  "id": "GHSA-6hp8-p722-7744",
  "modified": "2022-12-15T06:30:30Z",
  "published": "2022-12-13T18:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-20466"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/2022-12-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6Q6W-QW52-9Q3J

Vulnerability from github – Published: 2026-06-17 18:35 – Updated: 2026-06-17 18:35
VLAI
Details

In Splunk AI Toolkit versions below 5.7.4, a low-privileged user that does not hold the "admin" or "power" Splunk roles could cause the Splunk AI Toolkit to make outbound requests over HTTP to a server that an attacker controls, which could allow for data exfiltration.

The vulnerability exists because of an insecure default domain allowlist in the Splunk AI Toolkit, which does not restrict outbound AI agent requests to approved external domains.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-20265"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1188"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-17T18:17:40Z",
    "severity": "MODERATE"
  },
  "details": "In Splunk AI Toolkit versions below 5.7.4, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could cause the Splunk AI Toolkit to make outbound requests over HTTP to a server that an attacker controls, which could allow for data exfiltration.  \n\nThe vulnerability exists because of an insecure default domain allowlist in the Splunk AI Toolkit, which does not restrict outbound AI agent  requests to approved external domains.",
  "id": "GHSA-6q6w-qw52-9q3j",
  "modified": "2026-06-17T18:35:57Z",
  "published": "2026-06-17T18:35:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20265"
    },
    {
      "type": "WEB",
      "url": "https://advisory.splunk.com/advisories/SVD-2026-0613"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6RMH-7XCM-CPXJ

Vulnerability from github – Published: 2026-05-11 13:56 – Updated: 2026-05-11 13:56
VLAI
Summary
PraisonAI ships and generates a legacy API server with authentication disabled by default, allowing unauthenticated workflow execution
Details

Summary

PraisonAI ships a legacy Flask API server with authentication disabled by default. When that server is used, any caller that can reach it can access /agents and trigger the configured agents.yaml workflow through /chat without providing a token.

Details

The vulnerable server is the shipped src/praisonai/api_server.py entrypoint.

The deploy subsystem keeps the same insecure authentication default:

For scope clarity: the newer serve agents command is safer by default, because it binds to 127.0.0.1 and supports --api-key in [src/praisonai/praisonai/cli/commands/serve.py](https://github.com/Users/shmulc/Stuff/tmp/first-cve/scans/variant-hunt/PraisonAI/src/praisonai/praisonai/cli/commands/serve.py:155). This report is about the shipped legacy API server and the generated/sample API deployment path above.

Version scope:

  • v2.5.6 already ships the same src/praisonai/api_server.py implementation.
  • The current PyPI release on May 1, 2026 is 4.6.33, and it still ships the same unauthenticated server logic.

PoC

The following route-level reproduction was verified locally and proves that the shipped api_server.py exposes /agents and /chat without authentication.

  1. From the repository root, create a throwaway environment with the server's direct Flask dependencies:
python3 -m venv /tmp/praisonai-ghsa-venv
/tmp/praisonai-ghsa-venv/bin/pip install flask flask-cors
  1. Execute the shipped src/praisonai/api_server.py under a minimal stub for praisonai.PraisonAI so only the server auth logic is exercised:
/tmp/praisonai-ghsa-venv/bin/python - <<'PY'
import importlib.util
import pathlib
import sys
import types

stub = types.ModuleType("praisonai")

class DummyPraisonAI:
    def __init__(self, agent_file="agents.yaml"):
        self.agent_file = agent_file
    def run(self):
        return {"ran": True, "agent_file": self.agent_file}

stub.PraisonAI = DummyPraisonAI
sys.modules["praisonai"] = stub

path = pathlib.Path("src/praisonai/api_server.py").resolve()
spec = importlib.util.spec_from_file_location("api_server_local", path)
mod = importlib.util.module_from_spec(spec)
spec.loader.exec_module(mod)

client = mod.app.test_client()
print(client.get("/agents").status_code, client.get("/agents").get_data(as_text=True))
print(client.post("/chat", json={"message": "hello"}).status_code, client.post("/chat", json={"message": "hello"}).get_data(as_text=True))
PY
  1. Observed result:
200 {"agent_file":"agents.yaml","agents":["default"]}
200 {"response":{"agent_file":"agents.yaml","ran":true},"status":"success"}

Both endpoints succeed without any Authorization header.

Impact

Any reachable caller can invoke the legacy API server's protected functionality without a token.

At minimum, this allows:

  • unauthenticated enumeration of the configured agent file through /agents
  • unauthenticated triggering of the locally configured agents.yaml workflow through /chat
  • repeated consumption of model/API quota and any other side effects performed by that workflow
  • exposure of whatever result PraisonAI.run() returns to the unauthenticated caller

This is not the same as arbitrary prompt injection by itself, because the current /chat handler ignores the submitted message value and simply runs the configured workflow. The impact therefore depends on what the operator's agents.yaml is allowed to do, but the authentication bypass is unconditional in the shipped legacy server.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 4.6.33"
      },
      "package": {
        "ecosystem": "PyPI",
        "name": "PraisonAI"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.5.6"
            },
            {
              "fixed": "4.6.34"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-44338"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1188",
      "CWE-306",
      "CWE-668"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-11T13:56:16Z",
    "nvd_published_at": "2026-05-08T14:16:46Z",
    "severity": "HIGH"
  },
  "details": "### Summary\nPraisonAI ships a legacy Flask API server with authentication disabled by default. When that server is used, any caller that can reach it can access `/agents` and trigger the configured `agents.yaml` workflow through `/chat` without providing a token.\n\n### Details\nThe vulnerable server is the shipped `src/praisonai/api_server.py` entrypoint.\n\n- `AUTH_ENABLED = False` and `AUTH_TOKEN = None` are hard-coded at [[src/praisonai/api_server.py](https://github.com/Users/shmulc/Stuff/tmp/first-cve/scans/variant-hunt/PraisonAI/src/praisonai/api_server.py:15)](/Users/shmulc/Stuff/tmp/first-cve/scans/variant-hunt/PraisonAI/src/praisonai/api_server.py:15).\n- `check_auth()` returns `True` whenever authentication is disabled, so both protected routes fail open by design at [[src/praisonai/api_server.py](https://github.com/Users/shmulc/Stuff/tmp/first-cve/scans/variant-hunt/PraisonAI/src/praisonai/api_server.py:18)](/Users/shmulc/Stuff/tmp/first-cve/scans/variant-hunt/PraisonAI/src/praisonai/api_server.py:18).\n- `POST /chat` only checks that the request JSON contains a `message` key and then runs `PraisonAI(agent_file=\"agents.yaml\").run()` at [[src/praisonai/api_server.py](https://github.com/Users/shmulc/Stuff/tmp/first-cve/scans/variant-hunt/PraisonAI/src/praisonai/api_server.py:31)](/Users/shmulc/Stuff/tmp/first-cve/scans/variant-hunt/PraisonAI/src/praisonai/api_server.py:31).\n- `GET /agents` is guarded by the same no-op authentication check and returns agent metadata at [[src/praisonai/api_server.py](https://github.com/Users/shmulc/Stuff/tmp/first-cve/scans/variant-hunt/PraisonAI/src/praisonai/api_server.py:55)](/Users/shmulc/Stuff/tmp/first-cve/scans/variant-hunt/PraisonAI/[src/praisonai/api_server.py](https://github.com/Users/shmulc/Stuff/tmp/first-cve/scans/variant-hunt/PraisonAI/src/praisonai/api_server.py:66):55).\n- When launched directly, the same script binds to `0.0.0.0:8080` at [src/praisonai/api_server.py](/Users/shmulc/Stuff/tmp/first-cve/scans/variant-hunt/PraisonAI/src/praisonai/api_server.py:66).\n\nThe deploy subsystem keeps the same insecure authentication default:\n\n- `APIConfig` defaults `auth_enabled` to `False` in [[src/praisonai/praisonai/deploy/models.py](https://github.com/Users/shmulc/Stuff/tmp/first-cve/scans/variant-hunt/PraisonAI/src/praisonai/praisonai/deploy/models.py:23)](/Users/shmulc/Stuff/tmp/first-cve/scans/variant-hunt/PraisonAI/src/praisonai/praisonai/deploy/models.py:23).\n- The generated sample API deployment YAML recommends `host: 0.0.0.0` together with `auth_enabled: false` in [[src/praisonai/praisonai/deploy/schema.py](https://github.com/Users/shmulc/Stuff/tmp/first-cve/scans/variant-hunt/PraisonAI/src/praisonai/praisonai/deploy/schema.py:108)](/Users/shmulc/Stuff/tmp/first-cve/scans/variant-hunt/PraisonAI/src/praisonai/praisonai/deploy/schema.py:108).\n\nFor scope clarity: the newer `serve agents` command is safer by default, because it binds to `127.0.0.1` and supports `--api-key` in [[src/praisonai/praisonai/cli/commands/serve.py](https://github.com/Users/shmulc/Stuff/tmp/first-cve/scans/variant-hunt/PraisonAI/src/praisonai/praisonai/cli/commands/serve.py:155)](/Users/shmulc/Stuff/tmp/first-cve/scans/variant-hunt/PraisonAI/src/praisonai/praisonai/cli/commands/serve.py:155). This report is about the shipped legacy API server and the generated/sample API deployment path above.\n\nVersion scope:\n\n- `v2.5.6` already ships the same `src/praisonai/api_server.py` implementation.\n- The current PyPI release on May 1, 2026 is `4.6.33`, and it still ships the same unauthenticated server logic.\n\n### PoC\nThe following route-level reproduction was verified locally and proves that the shipped `api_server.py` exposes `/agents` and `/chat` without authentication.\n\n1. From the repository root, create a throwaway environment with the server\u0027s direct Flask dependencies:\n\n```bash\npython3 -m venv /tmp/praisonai-ghsa-venv\n/tmp/praisonai-ghsa-venv/bin/pip install flask flask-cors\n```\n\n2. Execute the shipped `src/praisonai/api_server.py` under a minimal stub for `praisonai.PraisonAI` so only the server auth logic is exercised:\n\n```bash\n/tmp/praisonai-ghsa-venv/bin/python - \u003c\u003c\u0027PY\u0027\nimport importlib.util\nimport pathlib\nimport sys\nimport types\n\nstub = types.ModuleType(\"praisonai\")\n\nclass DummyPraisonAI:\n    def __init__(self, agent_file=\"agents.yaml\"):\n        self.agent_file = agent_file\n    def run(self):\n        return {\"ran\": True, \"agent_file\": self.agent_file}\n\nstub.PraisonAI = DummyPraisonAI\nsys.modules[\"praisonai\"] = stub\n\npath = pathlib.Path(\"src/praisonai/api_server.py\").resolve()\nspec = importlib.util.spec_from_file_location(\"api_server_local\", path)\nmod = importlib.util.module_from_spec(spec)\nspec.loader.exec_module(mod)\n\nclient = mod.app.test_client()\nprint(client.get(\"/agents\").status_code, client.get(\"/agents\").get_data(as_text=True))\nprint(client.post(\"/chat\", json={\"message\": \"hello\"}).status_code, client.post(\"/chat\", json={\"message\": \"hello\"}).get_data(as_text=True))\nPY\n```\n\n3. Observed result:\n\n```text\n200 {\"agent_file\":\"agents.yaml\",\"agents\":[\"default\"]}\n200 {\"response\":{\"agent_file\":\"agents.yaml\",\"ran\":true},\"status\":\"success\"}\n```\n\nBoth endpoints succeed without any `Authorization` header.\n\n### Impact\nAny reachable caller can invoke the legacy API server\u0027s protected functionality without a token.\n\nAt minimum, this allows:\n\n- unauthenticated enumeration of the configured agent file through `/agents`\n- unauthenticated triggering of the locally configured `agents.yaml` workflow through `/chat`\n- repeated consumption of model/API quota and any other side effects performed by that workflow\n- exposure of whatever result `PraisonAI.run()` returns to the unauthenticated caller\n\nThis is not the same as arbitrary prompt injection by itself, because the current `/chat` handler ignores the submitted `message` value and simply runs the configured workflow. The impact therefore depends on what the operator\u0027s `agents.yaml` is allowed to do, but the authentication bypass is unconditional in the shipped legacy server.",
  "id": "GHSA-6rmh-7xcm-cpxj",
  "modified": "2026-05-11T13:56:16Z",
  "published": "2026-05-11T13:56:16Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-6rmh-7xcm-cpxj"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44338"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/MervinPraison/PraisonAI"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "PraisonAI ships and generates a legacy API server with authentication disabled by default, allowing unauthenticated workflow execution"
}

GHSA-6WX9-JH9R-C86M

Vulnerability from github – Published: 2022-05-13 01:21 – Updated: 2022-05-13 01:21
VLAI
Details

In refresh of DevelopmentTiles.java, there is the possibility of leaving development settings accessible due to an insecure default value. This could lead to unwanted access to development settings, with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Android ID: A-117770924.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-1994"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1188"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-02-28T17:29:00Z",
    "severity": "HIGH"
  },
  "details": "In refresh of DevelopmentTiles.java, there is the possibility of leaving development settings accessible due to an insecure default value. This could lead to unwanted access to development settings, with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Android ID: A-117770924.",
  "id": "GHSA-6wx9-jh9r-c86m",
  "modified": "2022-05-13T01:21:59Z",
  "published": "2022-05-13T01:21:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1994"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/2019-02-01"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/106946"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-738Q-MC72-2Q22

Vulnerability from github – Published: 2023-10-10 21:31 – Updated: 2023-10-18 16:20
VLAI
Summary
MTProto proxy remote code execution vulnerability
Details

In the mtproto_proxy (aka MTProto proxy) component through 0.7.2 for Erlang, a low-privileged remote attacker can access an improperly secured default installation without authenticating and achieve remote command execution ability.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Hex",
        "name": "mtproto_proxy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "0.7.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-45312"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1188",
      "CWE-94"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-10-10T22:28:03Z",
    "nvd_published_at": "2023-10-10T21:15:09Z",
    "severity": "HIGH"
  },
  "details": "In the mtproto_proxy (aka MTProto proxy) component through 0.7.2 for Erlang, a low-privileged remote attacker can access an improperly secured default installation without authenticating and achieve remote command execution ability.",
  "id": "GHSA-738q-mc72-2q22",
  "modified": "2023-10-18T16:20:10Z",
  "published": "2023-10-10T21:31:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45312"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/seriyps/mtproto_proxy"
    },
    {
      "type": "WEB",
      "url": "https://medium.com/@_sadshade/almost-2000-telegram-proxy-servers-are-potentially-vulnerable-to-rce-since-2018-742a455be16b"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "MTProto proxy remote code execution vulnerability"
}

GHSA-73P7-57GM-896G

Vulnerability from github – Published: 2026-02-07 09:32 – Updated: 2026-04-08 18:34
VLAI
Details

The Advanced Country Blocker plugin for WordPress is vulnerable to Authorization Bypass in all versions up to, and including, 2.3.1 due to the use of a predictable default value for the secret bypass key created during installation without requiring users to change it. This makes it possible for unauthenticated attackers to bypass the geolocation blocking mechanism by appending the key to any URL on sites where the administrator has not changed the default value.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-1675"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1188"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-07T09:16:01Z",
    "severity": "MODERATE"
  },
  "details": "The Advanced Country Blocker plugin for WordPress is vulnerable to Authorization Bypass in all versions up to, and including, 2.3.1 due to the use of a predictable default value for the secret bypass key created during installation without requiring users to change it. This makes it possible for unauthenticated attackers to bypass the geolocation blocking mechanism by appending the key to any URL on sites where the administrator has not changed the default value.",
  "id": "GHSA-73p7-57gm-896g",
  "modified": "2026-04-08T18:34:02Z",
  "published": "2026-02-07T09:32:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1675"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/advanced-country-blocker/tags/2.3.1/advanced-country-blocking.php#L278"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/advanced-country-blocker/tags/2.3.1/advanced-country-blocking.php#L336"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/advanced-country-blocker/tags/2.3.1/advanced-country-blocking.php#L420"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/changeset/3455225"
    },
    {
      "type": "WEB",
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/30747988-83f9-41f9-9bc5-1f533bc4cb94?source=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-74RW-HCH5-4P5V

Vulnerability from github – Published: 2025-12-08 18:30 – Updated: 2025-12-08 21:30
VLAI
Details

In DefaultTransitionHandler.java, there is a possible way to enable a tapjacking attack due to a insecure default. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-48621"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1188"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-08T17:16:18Z",
    "severity": "HIGH"
  },
  "details": "In DefaultTransitionHandler.java, there is a possible way to enable a tapjacking attack due to a insecure default. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.",
  "id": "GHSA-74rw-hch5-4p5v",
  "modified": "2025-12-08T21:30:21Z",
  "published": "2025-12-08T18:30:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48621"
    },
    {
      "type": "WEB",
      "url": "https://android.googlesource.com/platform/frameworks/base/+/6d1697c96c5cae5062f6aea58cf2665b7d646cb8"
    },
    {
      "type": "WEB",
      "url": "https://android.googlesource.com/platform/frameworks/native/+/cc34c7b416b964c05a42ae3e9c2929b59b92c64f"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/2025-12-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-7683-VM2J-M4CC

Vulnerability from github – Published: 2024-12-26 09:30 – Updated: 2024-12-26 09:30
VLAI
Details

shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-56433"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1188"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-26T09:15:07Z",
    "severity": "LOW"
  },
  "details": "shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.",
  "id": "GHSA-7683-vm2j-m4cc",
  "modified": "2024-12-26T09:30:46Z",
  "published": "2024-12-26T09:30:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56433"
    },
    {
      "type": "WEB",
      "url": "https://github.com/shadow-maint/shadow/issues/1157"
    },
    {
      "type": "WEB",
      "url": "https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241"
    },
    {
      "type": "WEB",
      "url": "https://github.com/shadow-maint/shadow/releases/tag/4.4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

CAPEC-665: Exploitation of Thunderbolt Protection Flaws

An adversary leverages a firmware weakness within the Thunderbolt protocol, on a computing device to manipulate Thunderbolt controller firmware in order to exploit vulnerabilities in the implementation of authorization and verification schemes within Thunderbolt protection mechanisms. Upon gaining physical access to a target device, the adversary conducts high-level firmware manipulation of the victim Thunderbolt controller SPI (Serial Peripheral Interface) flash, through the use of a SPI Programing device and an external Thunderbolt device, typically as the target device is booting up. If successful, this allows the adversary to modify memory, subvert authentication mechanisms, spoof identities and content, and extract data and memory from the target device. Currently 7 major vulnerabilities exist within Thunderbolt protocol with 9 attack vectors as noted in the Execution Flow.