Tag
critical
advisory
PraisonAI A2A Server Example Unauthenticated Remote Code Execution
2 rules 1 TTPThe PraisonAI A2A server example is vulnerable to remote code execution due to a combination of factors: the example exposes an A2A server without authentication, binds to 0.0.0.0, and registers a `calculate` tool implemented with Python `eval(expression)`.
A2A server example
a2a
praisonai
rce
eval
2r
1t
critical
advisory
CVE-2026-27384: W3 Total Cache Unauthenticated RCE via eval() Code Injection
2 rules 1 TTPA public exploit has been published for CVE-2026-27384, a critical unauthenticated remote code execution vulnerability in the W3 Total Cache WordPress plugin.
W3 Total Cache < 2.9.2
rce
wordpress
code-injection
eval
w3-total-cache
2r
1t