Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database

Published	Public	Updated	ID	CVSS	Title
2026-02-12	2026-02-12	2026-02-23	VU#504749		PyMuPDF path traversal and arbitrary file write vulnerabilities
2026-03-02	2026-03-02	2026-03-02	VU#431821		MS-Agent does not properly sanitize commands sent to its shell tool, allowing for RCE

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis

Carnegie Mellon University
Software Engineering Institute
4500 Fifth Avenue
Pittsburgh, PA 15213-2612
412-268-5800

Office Locations | Additional Sites Directory | Legal | Privacy Notice | CMU Ethics Hotline | www.sei.cmu.edu

©2026 Carnegie Mellon University

Contact SEI

Contact CERT/CC

412-268-5800
cert@cert.org