Langflow: Open-Source AI Application Builder
Langflow is an open-source tool for building AI applications and agent workflows. It was the initial entry point for the JADEPUFFER AI…
Langflow is an open-source tool for building AI applications and agent workflows. It was the initial entry point for the JADEPUFFER AI…
PostgreSQL is used by Splunk Enterprise as a sidecar service. The vulnerability CVE-2026-20253 exploits the PostgreSQL sidecar endpoint to achieve unauthenticated file…
LiteLLM, an open-source AI gateway that brokers calls to over 100 model providers, is affected by a chain of three critical vulnerabilities…
Mastra is an open-source JavaScript and TypeScript framework for building AI applications. In June 2026, 145 of its npm packages were compromised…
On June 17, 2026, a software supply chain attack codenamed 'easy-day-js' compromised 145 npm packages under the @mastra/* namespace, a popular open-source…
PostgreSQL is an advanced open-source relational database. 16% of organizations expose Postgres to the internet, making it a common attack vector.
NGINX Open Source versions 1.31.0-1.31.1 are vulnerable to two critical remote code execution flaws; fixed in 1.31.2.
Google has announced that starting September 30, 2026, certified Android devices in Brazil, Indonesia, Singapore, and Thailand will block normal installations of…
Dify is an open-source agentic workflow platform with over 146,000 GitHub stars. It was found to have multiple vulnerabilities (DifyTap) allowing cross-tenant…
Security firm AIR demonstrated a critical supply chain vulnerability in AI agent ecosystems by creating a fake skill named 'brand-landingpage' that bypassed…