CWE-396
2 CVEs classified under CWE-396. Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-40149 | High | 7.9 | 2026-04-09 | PraisonAI is a multi-agent teams system. Prior to 4.5.128, the gateway's /api/approval/allow-list endpoint permits unauthenticated modification of the tool app… |
CVE-2026-27482 | Medium | 5.9 | 2026-02-21 | Ray is an AI compute engine. In versions 2.53.0 and below, thedashboard HTTP server blocks browser-origin POST/PUT but does not cover DELETE, and key DELETE en… |