Medium nvd · CVE-2026-42078

CVE-2026-42078: PPTAgent is an agentic framework for reflective PowerPoint generation. Prior to commit 418491a, PPTAgent is vulnerable t

Published May 4, 2026 CVSS 4.6

PPTAgent is an agentic framework for reflective PowerPoint generation. Prior to commit 418491a, PPTAgent is vulnerable to arbitrary file write and directory creation via markdown_table_to_image. This issue has been patched via commit 418491a.

Agentic / MCP

Affected AI Products

agentic

View original source

Get the weekly digest. Every Monday: top AI security stories of the week. Free.