Gothburz

**Nome do Software Vulnerável e Versões Afetadas** MLflow (versões afetadas não especificadas) **Descrição** O MLflow é suscetível a um bypass de autenticação devido ao uso de senhas padrão. Isso permite acesso não autorizado ao sistema. O problema envolve uma falha de segurança crítica com pontuação CVSS de 9,8. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** Langflow (affected versions not specified) **Description** A flaw exists in the disk cache service of Langflow that allows remote attackers to execute arbitrary code on affected installations. Authentication is required for exploitation. The issue stems from insufficient validation of user-supplied data, leading to the deserialization of untrusted data. An attacker can exploit this to execute code within the service account's context. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Nome do Software Vulnerável e Versões Afetadas** gemini-mcp-tool (versões afetadas não especificadas) **Descrição** O software gemini-mcp-tool contém uma falha crítica no método `execAsync` que permite execução remota de código (RCE) não autenticada. Este problema decorre da falta de validação adequada de entrada antes da execução de chamadas de sistema, permitindo que invasores injetem comandos de shell maliciosos. Um invasor pode acessar um endpoint MCP acessível pela rede e enviar entrada manipulada ao método `execAsync`, fazendo com que o serviço execute comandos como a conta de serviço gemini-mcp-tool. A exploração bem-sucedida pode levar ao comprometimento total do host, incluindo acesso de leitura/gravação de arquivos, persistência, roubo de credenciais e potencial tomada de controle de plataformas de IA/ML. A causa raiz é identificada como Injeção de Comando no Sistema Operacional (CWE-78) devido à sanitização insuficiente e falta de execução parametrizada. Invasores podem utilizar metacaracteres de shell para injetar comandos. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** Langflow (affected versions not specified) **Description** A flaw exists in Langflow related to the handling of Python function components, potentially allowing remote attackers to execute arbitrary code on affected systems. An attacker may be able to introduce custom Python code into a workflow and leverage this to execute code within the application's context. The impact and exploitability depend on the specific product configuration. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Open WebUI (affected versions not specified) **Description** A flaw exists in the `load tool module by id` function of Open WebUI that allows remote attackers to execute arbitrary code. Authentication is required for exploitation. The issue stems from insufficient validation of user-supplied input before it is used to execute Python code. Successful exploitation allows an attacker to execute code within the context of the service account. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Open WebUI (affected versions not specified) **Description** A flaw exists in Open WebUI that allows remote attackers to execute arbitrary code. Authentication is required to exploit this issue. The vulnerability is located within the `install frontmatter requirements` function and stems from insufficient validation of user-supplied input before it is used in a system call. Successful exploitation could allow an attacker to execute code with the privileges of the service account. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Foundation Agents MetaGPT (affected versions not specified) **Description** This issue is a code injection leading to remote code execution in Foundation Agents MetaGPT. It allows attackers to execute arbitrary code on affected systems without authentication. The root cause is insufficient validation of user-supplied strings before they are used to execute Python code within the `actionoutput str to mapping` function. An attacker can leverage this to execute code with the privileges of the service account. The flaw can be exploited over HTTP for initial access or lateral movement. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Langflow (affected versions not specified) **Description** A flaw exists in Langflow that allows remote attackers to execute arbitrary code on affected systems. Authentication is not required for exploitation. The issue stems from insufficient validation of user-supplied input provided to the `validate` API endpoint. Specifically, the code parameter is not properly sanitized before being used to execute Python code, potentially allowing an attacker to execute code with root privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Nome do Software Vulnerável e Versões Afetadas** Langflow (versões afetadas não especificadas) **Descrição** Existe uma falha no Langflow que permite que atacantes remotos executem código arbitrário. Não é necessária autenticação para a exploração. O problema decorre da inclusão de funcionalidade de uma esfera de controle não confiável ao manipular o parâmetro `exec globals` fornecido ao endpoint `validate`. A exploração bem-sucedida permite que um atacante execute código no contexto de root. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** Katana Network Development Starter Kit (affected versions not specified) **Description** The Katana Network Development Starter Kit contains a command injection flaw in the `executeCommand` function, potentially allowing remote code execution. The issue stems from insufficient input validation when processing commands. The `executeCommand` function directly incorporates user-supplied input into system commands without proper sanitization, which could allow an attacker to inject arbitrary commands. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GPT Academic (affected versions not specified) **Description** A flaw exists in the `stream daas` function that allows remote attackers to execute arbitrary code on affected systems. This is due to insufficient validation of user-supplied data, leading to deserialization of untrusted data. Successful exploitation could allow an attacker to execute code in the context of root. Interaction with a malicious DAAS server is required for exploitation. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** github-kanban-mcp-server (affected versions not specified) **Description** A flaw exists in github-kanban-mcp-server that allows remote attackers to execute arbitrary code on affected systems. Authentication is not required for exploitation. The issue stems from insufficient validation of user-supplied input within the `create issue` parameter before it is used in a system call. This can allow an attacker to execute code in the context of the service account. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Nome do Software Vulnerável e Versões Afetadas** GPT Academic (versões afetadas não especificadas) **Descrição** Existe uma falha na função `run in subprocess wrapper func` que permite que atacantes remotos executem código arbitrário nos sistemas afetados. Não é necessária autenticação para a exploração. O problema decorre da validação insuficiente de dados fornecidos pelo usuário, levando à desserialização de dados não confiáveis. Um atacante pode potencialmente executar código com privilégios de root. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** GPT Academic (affected versions not specified) **Description** A flaw exists that allows remote attackers to execute arbitrary code on affected installations of GPT Academic. Authentication is not required to exploit this issue. The vulnerability is due to insufficient validation of user-supplied data within the upload endpoint, leading to deserialization of untrusted data. An attacker can potentially execute code with root privileges. The specific API endpoint involved is the upload endpoint. The vulnerability stems from the deserialization of untrusted data, potentially through a vulnerable parameter submitted during the upload process. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Langflow (affected versions not specified) **Description** A flaw exists in Langflow that allows remote attackers to execute arbitrary code. This does not require authentication. The issue is due to insufficient validation of user-supplied input before it is used in the `eval custom component code()` function to execute Python code. An attacker can exploit this to execute code within the current process. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** mcp-server-siri-shortcuts (affected versions not specified) **Description** This issue allows local attackers to escalate privileges on affected systems. An attacker must first have the ability to execute low-privileged code on the target system. The flaw is due to insufficient validation of user-supplied input within the `shortcutName` parameter before it is used to execute a system call. This can be leveraged to execute arbitrary code in the context of the service account. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MCP Manager for Claude Desktop (affected versions not specified) **Description** The software contains a security issue that allows for sandbox escape and arbitrary code execution within the context of the MCP Manager process. This is triggered by manipulated MCP configurations or malicious pages/files. The software is considered high risk in production environments. **Recommendations** Disable or remove the software until an official fix is available.

**Name of the Vulnerable Software and Affected Versions** Open WebUI (affected versions not specified) **Description** A flaw exists in Open WebUI that allows network-adjacent attackers to disclose sensitive information. The issue stems from transmitting credentials in plaintext through an unspecified endpoint. Authentication is not required for exploitation. Successful exploitation could lead to further compromise of the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Foundation Agents MetaGPT (affected versions not specified) **Description** A flaw exists in the `deserialize message` function that allows remote attackers to execute arbitrary code on affected systems. Authentication is not required for exploitation. The issue stems from a lack of proper validation of user-supplied data, leading to the deserialization of untrusted data. An attacker can leverage this to execute code within the context of the service account. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Nome do Software Vulnerável e Versões Afetadas** Tencent FaceDetection-DSFD (versões afetadas não especificadas) **Descrição** Existe uma falha no Tencent FaceDetection-DSFD que permite que atacantes remotos executem código arbitrário. É necessária interação do usuário, como visitar uma página maliciosa ou abrir um arquivo malicioso. O problema decorre da validação insuficiente de dados fornecidos pelo usuário, levando à desserialização de dados não confiáveis dentro do endpoint `resnet`. A exploração bem-sucedida poderia permitir que um atacante executasse código com privilégios de root. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.