Koukyosyumei

**Name of the Vulnerable Software and Affected Versions** PPTAgent versions prior to commit 418491a **Description** An agentic framework for reflective PowerPoint generation allows arbitrary file write and directory creation through the `markdown table to image` function. **Recommendations** Update to commit 418491a or a newer version. As a temporary workaround, consider restricting the use of the `markdown table to image` function until the update is applied.

**Name of the Vulnerable Software and Affected Versions** PPTAgent versions prior to commit 418491a **Description** An agentic framework for reflective PowerPoint generation allows arbitrary code execution. This occurs because the software uses the Python `eval()` function to process code generated by a Large Language Model (LLM) while builtins are in scope. **Recommendations** Update to the version containing commit 418491a.

**Name of the Vulnerable Software and Affected Versions** PPTAgent versions prior to commit 418491a **Description** An arbitrary file write issue exists in this agentic framework for reflective PowerPoint generation. The flaw occurs through the `save generated slides()` function. **Recommendations** Update to commit 418491a or a newer version. As a temporary workaround, restrict the use of the `save generated slides()` function.

**Name of the Vulnerable Software and Affected Versions** Next AI Draw.io versions prior to 0.4.15 **Description** The embedded HTTP sidecar contains three POST handlers, ''/api/state'', ''/api/restore'', and ''/api/history-svg'', which process incoming requests by accumulating the entire request body into a JavaScript string without size limitations. Because Node.js buffers the entire payload in the V8 heap, sending a sufficiently large body can exhaust the process heap memory, resulting in an Out-of-Memory (OOM) error that crashes the MCP server. **Recommendations** Update to version 0.4.15.