DeepSeek App Transmits Sensitive User and Device Data Without Encryption

A new audit of DeepSeek's mobile app for the Apple iOS operating system has found glaring security issues, the foremost being that it sends sensitive data over the internet sans any encryption, exposing it to interception and manipulation attacks. The assessment comes from NowSecure, which also...

CVE-2024-55241

An issue in deep-diver LLM-As-Chatbot before commit 99c2c03 allows a remote attacker to execute arbitrary code via the modelsbyom.py component...

CVE-2024-55241

An issue in deep-diver LLM-As-Chatbot before commit 99c2c03 allows a remote attacker to execute arbitrary code via the modelsbyom.py component...

CVE-2024-55241

CVE-2024-55241 affects the deep-diver LLM-As-Chatbot prior to commit 99c2c03. The issue resides in the modelsbyom.py component and enables a remote attacker to execute arbitrary code. The existing entry indicates a high-severity impact (CVSS 3.1: HIGH, 8.8) with network attack potential and no us...

LLM-As-Chatbot 安全漏洞

LLM-As-Chatbot is a chatbot service by the individual developer Chansung Park. A security vulnerability exists in LLM-As-Chatbot that originates from the execution of arbitrary code via the modelsbyom.py component...

CVE-2024-34440

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 2.2.63...

CVE-2024-29100

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 2.1.4...

CVE-2024-32700

Unrestricted Upload of File with Dangerous Type vulnerability in Kognetiks Kognetiks Chatbot for WordPress.This issue affects Kognetiks Chatbot for WordPress: from n/a through 2.0.0...

CVE-2024-4560

The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the chatbotchatgptuploadfiletoassistant function in all versions up to, and including, 1.9.9. This makes it possible for unauthenticated attackers, with to uploa...

CVE-2024-13091

The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'qcldwpcfbfileupload' function in all versions up to, and including, 13.5.4. This makes it possible for unauthenticated attackers to upload arbitrary files on th...

CVE-2024-22309

Deserialization of Untrusted Data vulnerability in QuantumCloud ChatBot with AI.This issue affects ChatBot with AI: from n/a through 5.1.0...

MAL-2025-1021 Malicious code in aws-genai-llm-chatbot (npm)

The package communicates with a domain associated with malicious activity...

Malicious code in mongodb-chatbot-verified-answers (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-855 Malicious code in mongodb-chatbot-verified-answers (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in cdc-chatbot (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-814 Malicious code in cdc-chatbot (npm)

--- -= Per source details. Do not edit below this line.=-...

DeepSeek’s Safety Guardrails Failed Every Test Researchers Threw at Its AI Chatbot

Security researchers tested 50 well-known jailbreaks against DeepSeek’s popular new AI chatbot. It didn’t stop a single one...

The DeepSeek controversy: Authorities ask where does the data come from and how safe is it?

The sudden rise of DeepSeek has raised concerns and questions, especially about the origin and destination of the training data, as well as the security of the data. For those returning from a short holiday away from the news, DeepSeek is a new player on the Artificial Intelligence AI field. The...

Security Bulletin: A vulnerability in Microsoft.BotBuilder affects IBM Robotic Process Automation which may result in elevated privileges (CVE-2024-35255).

Summary A vulnerability in Microsoft.BotBuilder affects IBM Robotic Process Automation which may result in elevated privileges. Microsoft.BotBuilder is used to enable communication between Azure Bot Services and the ChatBot API. This bulletin identifies the security fixes to apply to address the...

CVE-2025-24666

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeisle AI Chatbot for WordPress – Hyve Lite hyve-lite allows Stored XSS.This issue affects AI Chatbot for WordPress – Hyve Lite: from n/a through = 1.2.2...