PatchSiren

PrefectHQ CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH prefecthq CVE published 2026-05-24

CVE-2026-3515

A command injection vulnerability exists in the `prefect-github` integration for Prefect version 3.6.18. The `GitHubRepository` block's `reference` field is unsafely concatenated into a shell command string before parsing with `shlex.split()`, enabling arbitrary git option injection. Attackers with control over the `reference` parameter can inject flags such as `-c` to execute arbitrary commands, potentia [truncated]

CRITICAL PrefectHQ CVE published 2026-04-02

CVE-2026-32871

CVE-2026-32871 is a critical vulnerability in the OpenAPIProvider of FastMCP, a Pythonic way to build MCP servers and clients. The vulnerability arises from the _build_url() method in the RequestDirector class, which fails to URL-encode path parameters when constructing HTTP requests to the backend service. This oversight enables attackers to perform path traversal attacks by manipulating path parameters, [truncated]