Monthly
Unauthenticated modification of the tool approval allowlist in PraisonAI multi-agent system (versions prior to 4.5.128) enables attackers to bypass human-in-the-loop safety controls by injecting dangerous tool names (shell_exec, file_write) into the allowlist via the /api/approval/allow-list gateway endpoint. The ExecApprovalManager then auto-approves agent invocations of these tools, circumventing the approval mechanism's core security function. Attack requires local access; no public exploit identified at time of analysis. CVSS 7.9 reflects high integrity impact with scope change due to compromised safety boundaries in agent workflows.
Ray dashboard versions 2.53.0 and below lack proper authentication on DELETE endpoints, allowing unauthenticated attackers to terminate Serve instances or remove jobs through DNS rebinding or same-network attacks. Public exploit code exists for this vulnerability, which impacts Ray deployments with dashboards exposed to network access. Administrators should upgrade to Ray 2.54.0 or higher to remediate the availability risk.
Unauthenticated modification of the tool approval allowlist in PraisonAI multi-agent system (versions prior to 4.5.128) enables attackers to bypass human-in-the-loop safety controls by injecting dangerous tool names (shell_exec, file_write) into the allowlist via the /api/approval/allow-list gateway endpoint. The ExecApprovalManager then auto-approves agent invocations of these tools, circumventing the approval mechanism's core security function. Attack requires local access; no public exploit identified at time of analysis. CVSS 7.9 reflects high integrity impact with scope change due to compromised safety boundaries in agent workflows.
Ray dashboard versions 2.53.0 and below lack proper authentication on DELETE endpoints, allowing unauthenticated attackers to terminate Serve instances or remove jobs through DNS rebinding or same-network attacks. Public exploit code exists for this vulnerability, which impacts Ray deployments with dashboards exposed to network access. Administrators should upgrade to Ray 2.54.0 or higher to remediate the availability risk.