Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-46580

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse Theia versions prior to 1.71.0, files matching the pattern .prompts/.prompttemplate in a workspace were automatically loaded and could override or...

8.8CVSS6.1AI score0.00272EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:38 p.m.10 views

CVE-2026-34837

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1, he REST endpoint POST /api/v1/aiassistance/texttools/:id contains an authorization failure. Context data e.g., a group or organization supplied to be used in the AI prompt were not checked if they are accessible f...

5.3CVSS5.5AI score0.0018EPSS
Exploits0References1
NVD
NVD
added 2026/04/08 7:25 p.m.5 views

CVE-2026-34837

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1, he REST endpoint POST /api/v1/aiassistance/texttools/:id contains an authorization failure. Context data e.g., a group or organization supplied to be used in the AI prompt were not checked if they are accessible f...

5.3CVSS0.0018EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.7 views

PT-2026-31424

Name of the Vulnerable Software and Affected Versions Zammad versions prior to 7.0.1 Description Zammad, a web-based open-source helpdesk system, has an authorization failure in the REST endpoint POST /api/v1/ai assistance/text tools/:id. Context data provided for use in the AI prompt was not...

5.3CVSS5.9AI score0.0018EPSS
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/26 4:0 a.m.10 views

Malicious code in aquasecurityofficial.trivy-vulnerability-scanner (VSCode:https://open-vsx.org)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security b6cab1dae06f51e2aaa57704d8374b6882440070d0796e7b719a85e6f803888b This extension is a compromised version of the offical Trivy VSCode extension available on the Microsoft Marketplace. Versions 1.8.11 and...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/03/26 4:0 a.m.8 views

MAL-2026-2230 Malicious code in aquasecurityofficial.trivy-vulnerability-scanner (VSCode:https://open-vsx.org)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security b6cab1dae06f51e2aaa57704d8374b6882440070d0796e7b719a85e6f803888b This extension is a compromised version of the offical Trivy VSCode extension available on the Microsoft Marketplace. Versions 1.8.11 and...

5.9AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.13 views

PT-2026-5959

Name of the Vulnerable Software and Affected Versions Moodle affected versions not specified Description A flaw exists in Moodle due to improper sanitization of AI prompt responses. This allows attackers to inject malicious HTML or script into web pages. Successful exploitation could lead to...

7.3CVSS5.4AI score0.00232EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/12/19 12:37 p.m.6 views

CVE-2025-67849

A flaw was found in Moodle. This cross-site scripting XSS vulnerability, caused by improper sanitization of AI prompt responses, allows attackers to inject malicious HTML or script into web pages. When other users view these compromised pages, their sessions could be stolen, or the user interface...

5.6AI score0.00232EPSS
Exploits0References2
Wallarm Lab
Wallarm Lab
added 2025/10/09 11:0 a.m.6 views

API Attack Awareness: Injection Attacks in APIs – Old Threat, New Surface

Injection attacks are among the oldest tricks in the attacker playbook. And yet they persist. The problem is that the core weakness, trusting user inputs too much, keeps resurfacing in new forms. As organizations have shifted to API-driven architectures and integrated AI systems that consume...

7.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/13 12:0 a.m.3 views

PromptChain: a Decentralized Web3 Architecture for Managing AI Prompts As Digital Assets

We present PromptChain, a decentralized Web3 architecture that establishes AI prompts as first-class digital assets with verifiable ownership, version control, and monetization capabilities. Current centralized platforms lack mechanisms for proper attribution, quality assurance, or fair...

6.9AI score
Exploits0
Rows per page
Query Builder