Nekros1Xx

kafka-sink-azure-kusto Kafka Connect plugin is the official Microsoft sink for Azure Data Explorer (Kusto). Prior to 5.2.3, kafka-sink-azure-kusto did not sanitize user-controlled values inside the kusto.tables.topics.mapping configuration. The db, table, mapping, and format fields of each mapping entry were interpolated directly into KQL management/query commands via String.formatted(...) (e.g., FETCH TABLE COMMAND.formatted(table) → "<table> | count", FETCH TABLE MAPPING COMMAND.formatted(table, format, mapping) → ".show table <table> ingestion <format> mapping '<mapping>'"). An actor able to influence the connector configuration (for example, someone with permissions to submit or edit Kafka Connect connector configs) could embed KQL metacharacters (;, |, ') to execute arbitrary management commands in the context of the connector's service principal — enabling schema enumeration/modification, ingestion-mapping tampering, or changes to streaming/retention policies on the target Azure Data Explorer database. This is a tampering vulnerability. Exploitation requires privileged access to the connector configuration; no end-user interaction or Kafka record payload is involved. This vulnerability is fixed in 5.2.3.

**Nome do Software Vulnerável e Versões Afetadas** Langflow versões anteriores a 1.9.0 **Description** Langflow é uma ferramenta para construção e implantação de agentes e fluxos de trabalho baseados em IA. Uma falha de path traversal existe no endpoint da API de Knowledge Bases "DELETE /api/v1/knowledge bases" dentro da função `delete knowledge bases bulk()`. O problema ocorre porque os nomes das bases de conhecimento fornecidos pelo usuário no parâmetro `kb names` são concatenados diretamente em caminhos de arquivos sem a devida sanitização ou validação de limite. Isso permite que um invasor autenticado utilize sequências de travessia (ex: `../`) para escapar do diretório pretendido e acionar a função `shutil.rmtree()` para excluir diretórios arbitrários no sistema de arquivos do servidor. Isso pode levar à perda de dados entre locatários, exclusão de arquivos críticos do aplicativo e potencial interrupção do serviço. **Recommendations** Atualizar para a versão 1.9.0. Como medida paliativa temporária, restrinja o acesso ao endpoint da API "DELETE /api/v1/knowledge bases" para minimizar o risco de exploração.

**Name of the Vulnerable Software and Affected Versions** Beszel versions prior to 0.18.2 Beszel versions 0.18.2 through 0.18.3 **Description** Beszel is a server monitoring platform. The platform’s authenticated API endpoints, specifically ''/api/beszel/containers/logs'' and ''/api/beszel/containers/info'', pass the `container` query parameter to the agent without proper validation. The agent then uses this parameter to construct Docker Engine API URLs using `fmt.Sprintf` instead of `url.PathEscape`. Because Go’s `http.Client` does not sanitize `../` sequences in URL paths sent over unix sockets, an authenticated user, even with a readonly role, can potentially traverse to arbitrary Docker API endpoints on the agent hosts. This could expose sensitive infrastructure details. **Recommendations** Update Beszel to version 0.18.4 or later. Update Beszel to version 0.18.4 or later.

**Name of the Vulnerable Software and Affected Versions** WPGraphQL versions prior to 2.9.1 **Description** The WPGraphQL software includes a GraphQL API for WordPress sites. A GitHub Actions workflow file (`release.yml`) in the `wp-graphql/wp-graphql` repository is susceptible to OS command injection. This occurs through the direct use of `${{ github.event.pull request.body }}` within a `run:` shell block. When a pull request is merged from the `develop` branch to the `master` branch, the content of the pull request body is directly inserted into a shell command, potentially enabling arbitrary command execution on the Actions runner. **Recommendations** Update to version 2.9.1 or later.

**Name of the Vulnerable Software and Affected Versions** LiveCode versions prior to commit e151c64c2bd80d2d53ac1333f1df9429fe6a1a11 **Description** LiveCode is an open-source, client-side code playground. The `i18n-update-pull` GitHub Actions workflow is susceptible to JavaScript injection prior to commit e151c64c2bd80d2d53ac1333f1df9429fe6a1a11. The title of a Pull Request is directly interpolated into a JavaScript block within the `actions/github-script` action using a GitHub Actions template expression. An attacker can inject arbitrary JavaScript by creating a Pull Request with a specially crafted title. This injected JavaScript executes with the permissions of the CI bot token (`CI APP ID` / `CI APP PRIVATE KEY`), potentially allowing for the exfiltration of repository secrets and unauthorized operations via the GitHub API. **Recommendations** Update LiveCode to commit e151c64c2bd80d2d53ac1333f1df9429fe6a1a11 or later.