CVE-2026-42080

MEDIUM NVD

CVSS Score 4.6

Severity MEDIUM

Published May 04, 2026

Vendor unknown

Description

PPTAgent is an agentic framework for reflective PowerPoint generation. Prior to commit 418491a, there is an arbitrary file write vulnerability via `save_generated_slides`. This issue has been patched via commit 418491a.

References

https://github.com/icip-cas/PPTAgent/commit/418491a9a1c02d9d93194b5973bb58df35cf9d00
https://github.com/icip-cas/PPTAgent/security/advisories/GHSA-pxhg-7xr2-w7xg