25 matches found
EUVD-2026-43249
A flaw has been found in Helicone ai-gateway up to 0.2.0-beta.30. This affects the function buildtargeturl of the file ai-gateway/src/dispatcher/service.rs of the component AWS Metadata Service. Executing a manipulation of the argument extractedpathandquery can lead to server-side request forgery...
CVE-2026-15508
A flaw has been found in Helicone ai-gateway up to 0.2.0-beta.30. This affects the function buildtargeturl of the file ai-gateway/src/dispatcher/service.rs of the component AWS Metadata Service. Executing a manipulation of the argument extractedpathandquery can lead to server-side request forgery...
CVE-2026-15508
Helicone ai-gateway (up to 0.2.0-beta.30) is affected. The flaw is in the AWS Metadata Service component, specifically the build_target_url function in ai-gateway/src/dispatcher/service.rs, where manipulating extracted_path_and_query can trigger server-side request forgery. Exploitation is possib...
CVE-2026-15508 Helicone ai-gateway AWS Metadata Service service.rs build_target_url server-side request forgery
A flaw has been found in Helicone ai-gateway up to 0.2.0-beta.30. This affects the function buildtargeturl of the file ai-gateway/src/dispatcher/service.rs of the component AWS Metadata Service. Executing a manipulation of the argument extractedpathandquery can lead to server-side request forgery...
PT-2026-57575
A flaw has been found in Helicone ai-gateway up to 0.2.0-beta.30. This affects the function build target url of the file ai-gateway/src/dispatcher/service.rs of the component AWS Metadata Service. Executing a manipulation of the argument extracted path and query can lead to server-side request...
CVE-2026-4035
A vulnerability in mlflow/mlflow versions prior to 3.11.0 allows for the resolution of environment variables in AI Gateway secrets, which can be exploited to exfiltrate sensitive server-side environment credentials to an attacker-controlled endpoint. This issue arises because the apikey field in...
EUVD-2026-34068
A vulnerability in mlflow/mlflow versions prior to 3.11.0 allows for the resolution of environment variables in AI Gateway secrets, which can be exploited to exfiltrate sensitive server-side environment credentials to an attacker-controlled endpoint. This issue arises because the apikey field in...
MLflow 安全漏洞
MLflow is an open-source platform that simplifies machine learning development. It includes features for tracking experiments, packaging code for reproducible runs, and sharing and deploying models. Versions of MLflow prior to 3.11.0 contained a security vulnerability, which was caused by an issu...
GHSA-4GPH-2HHR-5MWG Envoy AI Proxy - MCP Message Smuggling Vulnerability
Envoy AI Gateway was found to be affected by a protocol parser differential vulnerability due to improper implementation of the JSON-RPC 2.0 specification. Such differential causes a MCP message alteration, potentially causing a bypass of security controls in a multi-layered architecture. Accordi...
Envoy AI Proxy - MCP Message Smuggling Vulnerability
Envoy AI Gateway was found to be affected by a protocol parser differential vulnerability due to improper implementation of the JSON-RPC 2.0 specification. Such differential causes a MCP message alteration, potentially causing a bypass of security controls in a multi-layered architecture. Accordi...
AI Gateway secret API accepts `$ENV_VAR` references and can be remotely abused to exfiltrate server-side environment credentials to an attacker-controlled upstream endpoint. And the leaked credentials can be further leveraged to break security boundaries.
Analyzed project versions: Current target branch: master Current HEAD: dc8ef3cbbefccf7384f4e3023492aae635c5d5d0 Fix 403 Forbidden for artifact list via query param when defaultpermission=NOPERMISSIONS 21220, commit date: 2026-03-04 The vulnerability is that AI Gateway secrets allow...
CVE-2026-1868
GitLab has remediated a vulnerability in the Duo Workflow Service component of GitLab AI Gateway affecting all versions of the AI Gateway from 18.1.6, 18.2.6, 18.3.1 to 18.6.1, 18.7.0, and 18.8.0 in which AI Gateway was vulnerable to insecure template expansion of user supplied data via crafted D...
CVE-2026-1868 Improper Neutralization of Special Elements Used in a Template Engine in GitLab AI Gateway
GitLab has remediated a vulnerability in the Duo Workflow Service component of GitLab AI Gateway affecting all versions of the AI Gateway from 18.1.6, 18.2.6, 18.3.1 to 18.6.1, 18.7.0, and 18.8.0 in which AI Gateway was vulnerable to insecure template expansion of user supplied data via crafted D...
CVE-2026-1868
GitLab AI Gateway’s Duo Workflow Service was affected by an insecure template expansion defect in Duo Agent Platform Flow definitions across all 18.1.6–18.8.0 releases. The vulnerability could enable Denial of Service or remote code execution on the Gateway. Mitigation in the listed advisories is...
CVE-2026-1868
GitLab has remediated a vulnerability in the Duo Workflow Service component of GitLab AI Gateway affecting all versions of the AI Gateway from 18.1.6, 18.2.6, 18.3.1 to 18.6.1, 18.7.0, and 18.8.0 in which AI Gateway was vulnerable to insecure template expansion of user supplied data via crafted D...
GitLab AI Gateway 安全漏洞
GitLab AI Gateway is an artificial intelligence service middleware provided by the US company GitLab. Versions 18.1.6, 18.2.6, 18.3.1 to 18.6.1, 18.7.0, and 18.8.0 of GitLab AI Gateway contain security vulnerabilities. These vulnerabilities stem from insecure template extensions of data provided ...
PT-2026-6978
Name of the Vulnerable Software and Affected Versions GitLab AI Gateway versions 18.1.6 through 18.8.0 Description The GitLab AI Gateway’s Duo Workflow Service component contains a flaw related to improper code generation. This issue allows authenticated attackers to cause a Denial of Service or...
CVE-2025-66405 Portkey.ai Gateway: Server-Side Request Forgery (SSRF) in Custom Host
Portkey.ai Gateway is a blazing fast AI Gateway with integrated guardrails. Prior to 1.14.0, the gateway determined the destination baseURL by prioritizing the value in the x-portkey-custom-host request header. The proxy route then appends the client-specified path to perform an external fetch...
CVE-2025-66405 Portkey.ai Gateway: Server-Side Request Forgery (SSRF) in Custom Host
Portkey.ai Gateway is a blazing fast AI Gateway with integrated guardrails. Prior to 1.14.0, the gateway determined the destination baseURL by prioritizing the value in the x-portkey-custom-host request header. The proxy route then appends the client-specified path to perform an external fetch...
AI Gateway 代码问题漏洞
AI Gateway is an AI gateway open source by Portkey.ai. A code issue vulnerability exists in AI Gateway versions prior to 1.14.0, which stems from an SSRF vulnerability that could lead to external resource access...