CVE-2025-69388

Missing Authorization vulnerability in cliengo Cliengo – Chatbot cliengo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cliengo – Chatbot: from n/a through = 3.0.4...

CVE-2025-69388 WordPress Cliengo – Chatbot plugin <= 3.0.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in cliengo Cliengo – Chatbot cliengo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cliengo – Chatbot: from n/a through = 3.0.4...

CVE-2025-69388 WordPress Cliengo – Chatbot plugin <= 3.0.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in cliengo Cliengo – Chatbot cliengo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cliengo – Chatbot: from n/a through = 3.0.4...

CVE-2025-69388

CVE-2025-69388 affects WordPress Cliengo – Chatbot plugin

CVE-2026-25338

Missing Authorization vulnerability in Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS ays-chatgpt-assistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI ChatBot with ChatGPT and Content Generator by AYS: from n/a through = 2.7.4...

PT-2026-21169

Name of the Vulnerable Software and Affected Versions Cliengo – Chatbot versions through 3.0.4 Description An authorization issue exists in Cliengo – Chatbot, allowing exploitation due to incorrectly configured access control security levels. Recommendations Update Cliengo – Chatbot to a version...

CVE-2026-25338

Missing Authorization vulnerability in Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS ays-chatgpt-assistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI ChatBot with ChatGPT and Content Generator by AYS: from n/a through = 2.7.4...

WordPress plugin AI ChatBot with ChatGPT and Content Generator by AYS 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

Scammers use fake “Gemini” AI chatbot to sell fake “Google Coin”

Scammers have found a new use for AI: creating custom chatbots posing as real AI assistants to pressure victims into buying worthless cryptocurrencies. We recently came across a live "Google Coin" presale site featuring a chatbot that claimed to be Google's Gemini AI assistant. The bot guided...

Microsoft Finds “Summarize with AI” Prompts Manipulating Chatbot Recommendations

New research from Microsoft has revealed that legitimate businesses are gaming artificial intelligence AI chatbots via the "Summarize with AI" button that's being increasingly placed on websites in ways that mirror classic search engine poisoning SEO. The new AI hijacking technique has been...

WordPress Cliengo – Chatbot plugin <= 3.0.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Cliengo – Chatbot versions = 3.0.4...

@n8n/chat (>=1.0.0 <=1.19.0) potentially affected by CVE-2026-25054 via @n8n/design-system (>=2.0.0 <=2.1.0)

@n8n/design-system NPM version =2.0.0, =1.0.0, =1.19.0 Source cves: CVE-2026-25054 Source advisory: SNYK:JS-N8NDESIGNSYSTEM-15225250...

Firefox is giving users the AI off switch

Some software providers have decided to lead by example and offer users a choice about the Artificial Intelligence AI features built into their products. The latest example is Mozilla, which now offers users a one-click option to disable generative AI features in the Firefox browser. Audiences ar...

WordPress AI ChatBot plugin <= 5.3.4 - Missing Authorization via openai_file_delete_callback vulnerability

Missing Authorization via openaifiledeletecallback vulnerability discovered by Francesco Carlucci in WordPress Plugin ChatBot versions = 5.3.4...

WordPress AI ChatBot plugin <= 5.3.4 - Missing Authorization via openai_file_list_callback vulnerability

Missing Authorization via openaifilelistcallback vulnerability discovered by Francesco Carlucci in WordPress Plugin ChatBot versions = 5.3.4...

Mozilla Adds One-Click Option to Disable Generative AI Features in Firefox

Mozilla on Monday announced a new controls section in its Firefox desktop browser settings that allows users to completely turn off generative artificial intelligence GenAI features. "It provides a single place to block current and future generative AI features in Firefox," Ajit Varma, head of...

Malicious Package

Overview cdc-chatbot is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

CVE-2026-24399

ChatterMate is a no-code AI chatbot agent framework. In versions 1.0.8 and below, the chatbot accepts and executes malicious HTML/JavaScript payloads when supplied as chat input. Specifically, an payload containing a javascript: URI can be processed and executed in the browser context. This allow...

EUVD-2026-4613

ChatterMate is a no-code AI chatbot agent framework. In versions 1.0.8 and below, the chatbot accepts and executes malicious HTML/JavaScript payloads when supplied as chat input. Specifically, an payload containing a javascript: URI can be processed and executed in the browser context. This allow...

CVE-2025-65098 Typebot Vulnerable to Credential Theft via Client-Side Script Execution and API Authorization Bypass

Typebot is an open-source chatbot builder. In versions prior to 3.13.2, client-side script execution in Typebot allows stealing all stored credentials from any user. When a victim previews a malicious typebot by clicking "Run", JavaScript executes in their browser and exfiltrates their OpenAI key...