Lucene search
K

21 matches found

EUVD
EUVD
added 8 hours ago4 views

EUVD-2026-41443

Server-side request forgery ssrf in Azure OpenAI allows an authorized attacker to elevate privileges over a network...

9.9CVSS5.8AI score
Exploits0References2
CVE
CVE
added yesterday8 views

CVE-2026-45499

Technical details for CVE-2026-45499 are not publicly available in the provided documents. Monitor for updates; current sources only reiterate the SSRF elevation in Azure OpenAI without specification of affected products, versions, or fixes.

9.9CVSS5.8AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-45499

Server-side request forgery ssrf in Azure OpenAI allows an authorized attacker to elevate privileges over a network...

9.9CVSS5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/25 9:43 a.m.11 views

Malicious code in raise-common-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7401fb7c3259e43181ef51ca47b984450f7a849fed5a9598e6131b4c0ed5d2bb The package's rich-text editor module hardcodes an Azure OpenAI endpoint https://aidevused.openai.azure.com/ and an api-key in...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/25 9:43 a.m.8 views

MAL-2026-4656 Malicious code in raise-common-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7401fb7c3259e43181ef51ca47b984450f7a849fed5a9598e6131b4c0ed5d2bb The package's rich-text editor module hardcodes an Azure OpenAI endpoint https://aidevused.openai.azure.com/ and an api-key in...

5.8AI score
Exploits0References1
Spring Security Advisories
Spring Security Advisories
added 2026/03/03 12:0 a.m.7 views

This Week in Spring - March 3rd, 2026

Hi Spring fans! Welcome to another rip-roaring installment of This Week in Spring! I'm writing this in an Uber en route to the airport to get to awsome Atlanta, GA, for Devnexus 2026! Who's goin'? You goin'? We - the Spring team - will be there in force! Come say hi at the boothes or come see our...

6AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-23957

Malicious code in bioql PyPI...

10CVSS6.5AI score0.01007EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2025/08/11 12:0 a.m.23 views

The vulnerability of the Azure OpenAI cloud platform, related to insufficient validation of incoming requests, allows a hacker to escalate their privileges.

The vulnerability of the Azure OpenAI cloud platform is related to insufficient validation of incoming requests. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...

10CVSS5.8AI score0.01007EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/08/09 9:30 p.m.4 views

CVE-2025-53767

Azure OpenAI Elevation of Privilege Vulnerability...

10CVSS6.8AI score0.01007EPSS
Exploits1References1
NVD
NVD
added 2025/08/07 9:15 p.m.6 views

CVE-2025-53767

Azure OpenAI Elevation of Privilege Vulnerability...

10CVSS0.01007EPSS
Exploits1References1
CVE
CVE
added 2025/08/07 9:1 p.m.53 views

CVE-2025-53767

Azure OpenAI CVE-2025-53767 is an elevation-of-privilege vulnerability rated CVSS v3.1 base score 10 (NETWORK, LOW attack complexity, PR NONE, UI NONE, C:H/I:H/A:N, scope CHANGED). It affects Azure OpenAI and can grant elevated rights with no user interaction. Microsoft has published updates via ...

10CVSS6.5AI score0.01007EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/08/07 9:1 p.m.10 views

CVE-2025-53767 Azure OpenAI Elevation of Privilege Vulnerability

...

10CVSS0.01007EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/08/07 9:1 p.m.4 views

CVE-2025-53767 Azure OpenAI Elevation of Privilege Vulnerability

...

10CVSS6.4AI score0.01007EPSS
Exploits1References1
Microsoft CVE
Microsoft CVE
added 2025/08/07 7:0 a.m.11 views

Azure OpenAI Elevation of Privilege Vulnerability

...

10CVSS6.6AI score0.01007EPSS
Exploits1
CNNVD
CNNVD
added 2025/08/07 12:0 a.m.6 views

Microsoft Azure Open AI 代码问题漏洞

Microsoft Azure Open AI is an artificial intelligence service from Microsoft Corporation USA. A code issue vulnerability exists in Microsoft Azure Open AI. An attacker can elevate privileges by exploiting the vulnerability...

10CVSS6.9AI score0.01007EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/08/07 12:0 a.m.4 views

PT-2025-32313

Name of the Vulnerable Software and Affected Versions: Azure OpenAI affected versions not specified Description: An elevation of privilege issue exists in Azure OpenAI. Successful exploitation could allow an attacker to gain elevated privileges. Recommendations: At the moment, there is no...

10CVSS6.8AI score0.01007EPSS
Exploits1References13
Kaspersky
Kaspersky
added 2025/08/07 12:0 a.m.6 views

KLA86378 PE vulnerabilities in Microsoft Azure

An elevation of privilege vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Azure OpenAI can be exploited remotely to gain privileges. 2. A...

10CVSS6.9AI score0.01007EPSS
Exploits1References4
Snyk
Snyk
added 2025/04/01 6:31 a.m.3 views

Incorrect Permission Assignment for Critical Resource

Overview litellm is a Library to easily interface with LLM API providers Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource on the Azure OpenAI route. The getmodelfromrequest function does not necessarily enforce access restrictions, when an...

7.1CVSS6.9AI score
Exploits0References3
Spring Security Advisories
Spring Security Advisories
added 2024/05/14 12:0 a.m.19 views

This Week in Spring - May 14th, 2024

Hi, Spring fans! Welcome to another installment of This Week in Spring! This week's highlights in the Spring ecosystem emphasize the ongoing advancements and applications of Spring AI. The discussions range from exploring the impressive VectorStore abstraction and enhanced structured output suppo...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2024/04/05 11:30 a.m.44 views

Attackgen - Cybersecurity Incident Response Testing Tool That Leverages The Power Of Large Language Models And The Comprehensive MITRE ATT&CK Framework

AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework. The tool generates tailored incident response scenarios based on user-selected threat actor groups and your organisation's details. Star the...

7.4AI score
Exploits0References3
Rows per page
Query Builder