In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsLearn about Missing Authorization vulnerabilities in an interactive lesson.
Start learningUpgrade @agenticmail/api to version 0.9.64 or higher.
@agenticmail/api is a REST API server for AgenticMail — email, SMS, and phone call-control endpoints for AI agents
Affected versions of this package are vulnerable to Missing Authorization via the GET /api/agenticmail/tasks/pending and related task mutation endpoints. An attacker can access and manipulate tasks assigned to other agents by enumerating agent names and using task IDs to claim, complete, or fail tasks without proper authorization.