letta-nory (=0.1.0) potentially affected by CVE-2025-6101 +1 more via letta (=0.16.7)

letta PYPI version =0.16.7 is affected by a known vulnerability. The following packages have a transitive dependency on letta and may be impacted: - letta-nory =0.1.0 Source cves: CVE-2025-6101, CVE-2026-4965 Source advisory: SNYK:PYTHON-LETTA-15874391...

Eval Injection

Overview letta is a Create LLM agents with long-term memory and custom tools Affected versions of this package are vulnerable to Eval Injection via the resolvetype function. An attacker can execute arbitrary code by supplying crafted input that is improperly neutralized before being evaluated. No...

EUVD-2026-16736

A vulnerability was detected in letta-ai letta 0.16.4. This issue affects the function resolvetype of the file letta/functions/astparsers.py of the component Incomplete Fix CVE-2025-6101. Performing a manipulation results in improper neutralization of directives in dynamically evaluated code. The...

CVE-2026-4965

A vulnerability was detected in letta-ai letta 0.16.4. This issue affects the function resolvetype of the file letta/functions/astparsers.py of the component Incomplete Fix CVE-2025-6101. Performing a manipulation results in improper neutralization of directives in dynamically evaluated code. The...

Debian: Security Advisory (DSA-6101-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian dsa-6101 : firefox-esr - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6101 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6101-1 [email protected]...

CVE-2021-28958

Zoho ManageEngine ADSelfService Plus through 6101 is vulnerable to unauthenticated Remote Code Execution while changing the password...

letta-nory (=0.1.0) potentially affected by CVE-2025-6101 via letta (=0.16.7)

letta PYPI version =0.16.7 is affected by a known vulnerability. The following packages have a transitive dependency on letta and may be impacted: - letta-nory =0.1.0 Source cves: CVE-2025-6101 Source advisory: SNYK:PYTHON-LETTA-10494065...

CVE-2025-6101

creationtimestamp| type| source ---|---|--- 2025-06-16 02:39:39+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18392 2026-03-27 19:19:24+00:00| seen| Telegram/oT6t4NRMpgoX3zBs2D6gNNWCx9cAFlVoBXSXqbTX6Ejwqdk...

CVE-2025-6101 letta-ai letta interface.py function_message eval injection

A vulnerability classified as critical has been found in letta-ai letta up to 0.4.1. Affected is the function functionmessage of the file letta/letta/interface.py. The manipulation of the argument functionname/functionargs leads to improper neutralization of directives in dynamically evaluated...

CVE-2023-6101

A vulnerability, which was classified as problematic, has been found in Maiwei Safety Production Control Platform 4.1. This issue affects some unknown processing of the file /TC/V2.7/ha.html of the component Intelligent Monitoring. The manipulation leads to information disclosure. The attack may ...

Linux Distros Unpatched Vulnerability : CVE-2024-6101

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to perform out of bounds memory access via a crafted HTML...

electron30 -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2024-5493. Security: backported fix for CVE-2024-5831. Security: backported fix for CVE-2024-5832. Security: backported fix for CVE-2024-6100. Security: backported fix for CVE-2024-6101...

electron29 -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2024-5499. Security: backported fix for CVE-2024-5493. Security: backported fix for CVE-2024-5494. Security: backported fix for CVE-2024-5495. Security: backported fix for CVE-2024-5496...

Google Chrome Security Update (stable-channel-update-for-desktop_18-2024-06) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Google Chrome Security Update (stable-channel-update-for-desktop_18-2024-06) - Linux

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Fedora 40 : chromium (2024-d2b54d5a9d)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-d2b54d5a9d advisory. update to 126.0.6478.114 High CVE-2024-6100: Type Confusion in V8 High CVE-2024-6101: Inappropriate implementation in WebAssembly High CVE-2024-6102...

Fedora 39 : chromium (2024-dd14eefb0e)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-dd14eefb0e advisory. update to 126.0.6478.114 High CVE-2024-6100: Type Confusion in V8 High CVE-2024-6101: Inappropriate implementation in WebAssembly High CVE-2024-6102...

Google Chrome Security Update (stable-channel-update-for-desktop_18-2024-06) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Chromium: CVE-2024-6101: Inappropriate implementation in WebAssembly

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...