CVE-2026-6208

creationtimestamp| type| source ---|---|--- 2026-06-05 15:27:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnkh7wk2k72m...

aider-chat (=0.43.0), aimon-llamaindex (>=0.0.6 <=0.0.9) +686 more potentially affected by CVE-2025-6208 via llama-index-core (>=0.10.0 <=0.12.39)

llama-index-core PYPI version =0.10.0, =0.0.6, =1.1.0, =3.0.0, =1.7.0, =1.0.0, =0.0.3, =0.2.1, =0.2.1.dev0, =0.1.3, =0.1.169, =0.1.0, =0.3.0, =0.1.0, =0.4.0.dev2 and more Source cves: CVE-2025-6208 Source advisory: SNYK:PYTHON-LLAMAINDEXCORE-15170850...

aider-chat (=0.43.0), aimon-llamaindex (>=0.0.6 <=0.0.9) +686 more potentially affected by CVE-2025-6208 via llama-index-core (>=0.10.0 <=0.12.39)

llama-index-core PYPI version =0.10.0, =0.0.6, =1.1.0, =3.0.0, =1.7.0, =1.0.0, =0.0.3, =0.2.1, =0.2.1.dev0, =0.1.3, =0.1.169, =0.1.0, =0.3.0, =0.1.0, =0.4.0.dev2 and more Source cves: CVE-2025-6208 Source advisory: OSV:GHSA-488G-HW5F-X29P...

CVE-2025-6208

The SimpleDirectoryReader component in llamaindex.core version 0.12.23 suffers from uncontrolled memory consumption due to a resource management flaw. The vulnerability arises because the user-specified file limit numfileslimit is applied after all files in a directory are loaded into memory. Thi...

CVE-2025-6208

The CVE-2025-6208 issue affects llama_index.core, specifically the SimpleDirectoryReader class, where the configured num_files_limit is enforced after all files in a directory are loaded into memory. This causes uncontrolled memory consumption and potential DoS in resource-constrained environment...

TencentOS Server 2: thunderbird (TSSA-2023:0315)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0315 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

TencentOS Server 3: thunderbird (TSSA-2023:0307)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0307 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

TencentOS Server 3: firefox (TSSA-2023:0308)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0308 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Moderate: Red Hat Security Advisory: wget security update

An update for wget is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

CVE-2024-6208

creationtimestamp| type| source ---|---|--- 2024-07-31 15:59:54+00:00| seen| https://t.me/cvedetector/2136...

CVE-2024-6208 Download Manager <= 3.2.97 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpdmallpackages' shortcode in all versions up to, and including, 3.2.97 due to insufficient input sanitization and output escaping on the 'cols' parameter. This makes it possible for...

CVE-2024-6208 Download Manager <= 3.2.97 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpdmallpackages' shortcode in all versions up to, and including, 3.2.97 due to insufficient input sanitization and output escaping on the 'cols' parameter. This makes it possible for...

WordPress Download Manager Plugin <= 3.2.97 is vulnerable to Cross Site Scripting (XSS)

Software Download Manager Type Plugin Vulnerable versions = 3.2.97 Fixed in 3.2.98 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6208 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID feb4d670aa68 Credits Jack Taylor Required...

PT-2024-13141 · Aten · Aten Pe6208

Name of the Vulnerable Software and Affected Versions: Aten PE6208 versions 2.3.228 through 2.4.232 Description: The issue is related to incorrect access control in the account management function of the web interface, allowing remote authenticated users to read user and administrator account...

openSUSE: Security Advisory for MozillaThunderbird (SUSE-SU-2023:4588-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for MozillaFirefox (SUSE-SU-2023:4928-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Malicious code in wlwz-2312-6208 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 64d19cb2ea74e5ce5927467dae4b66e7d2d2cefed4358db6b7a8d72272e020cc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-175 Malicious code in wlwz-2311-6208 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 697d158d5ab8fcf534374358bc3929b95bf31d131f987c186c073e2f081c9b59 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in wlwz-2311-6208 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 697d158d5ab8fcf534374358bc3929b95bf31d131f987c186c073e2f081c9b59 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

SUSE: Security Advisory (SUSE-SU-2023:4928-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...