CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-7790

Malicious code in bioql PyPI...

9.3CVSS6.5AI score0.01271EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2025-7789

Malicious code in bioql PyPI...

6.9CVSS6.6AI score0.00457EPSS

Exploits0References3

RedhatCVE•added 2025/03/09 4:41 p.m.•12 views

CVE-2025-27518

Cognita is a RAG Retrieval Augmented Generation Framework for building modular, open source applications for production by TrueFoundry. An insecure CORS configuration in the Cognita backend server allows arbitrary websites to send cross site requests to the application. This vulnerability is fixe...

6.9CVSS6.5AI score0.00457EPSS

Exploits0References1

RedhatCVE•added 2025/03/09 4:31 p.m.•21 views

CVE-2025-27519

Cognita is a RAG Retrieval Augmented Generation Framework for building modular, open source applications for production by TrueFoundry. A path traversal issue exists at /v1/internal/upload-to-local-directory which is enabled when the Local env variable is set to true, such as when Cognita is setu...

9.3CVSS7.7AI score0.01271EPSS

Exploits1References1

NVD•added 2025/03/07 4:15 p.m.•9 views

CVE-2025-27519

9.3CVSS0.01271EPSS

Exploits1References3

NVD•added 2025/03/07 4:15 p.m.•6 views

CVE-2025-27518

6.9CVSS0.00457EPSS

Exploits0References3

Vulnrichment•added 2025/03/07 3:36 p.m.•8 views

CVE-2025-27518 Cognita CORS misconfiguration in backend API server

6.9CVSS6.8AI score0.00457EPSS

Exploits0References3

CVE•added 2025/03/07 3:36 p.m.•81 views

CVE-2025-27518

CVE-2025-27518 affects Cognita (the RAG framework) backend server. The issue is an insecure CORS configuration that allows arbitrary websites to send cross-site requests to the Cognita application. Root cause: misconfigured CORS on the backend. Reported impact is that cross-origin requests could ...

6.9CVSS6.8AI score0.00457EPSS

Exploits0References3

OSV•added 2025/03/07 3:36 p.m.•4 views

CVE-2025-27518 Cognita CORS misconfiguration in backend API server

6.9CVSS6.7AI score0.00457EPSS

Exploits0References5

Cvelist•added 2025/03/07 3:36 p.m.•16 views

CVE-2025-27518 Cognita CORS misconfiguration in backend API server

6.9CVSS0.00457EPSS

Exploits0References3

Cvelist•added 2025/03/07 3:36 p.m.•15 views

CVE-2025-27519 Cognita Arbitrary File Write

9.3CVSS0.01271EPSS

Exploits1References3

Vulnrichment•added 2025/03/07 3:36 p.m.•8 views

CVE-2025-27519 Cognita Arbitrary File Write

9.3CVSS7.9AI score0.01271EPSS

Exploits1References3

CVE•added 2025/03/07 3:36 p.m.•83 views

CVE-2025-27519

CVE-2025-27519 concerns Cognita, a TrueFoundry RAG framework. A path traversal flaw exists in the Docker/deployed setup when LocalEnv is true, exploitable via /v1/internal/upload-to-local-directory. An attacker can overwrite /app/backend/init .py, and due to uvicorn with auto-reload in the contai...

9.3CVSS7.9AI score0.01271EPSS

Exploits1References3

OSV•added 2025/03/07 3:36 p.m.•8 views

CVE-2025-27519 Cognita Arbitrary File Write

9.3CVSS7.8AI score0.01271EPSS

Exploits1References5

CNNVD•added 2025/03/07 12:0 a.m.•3 views

Cognita 路径遍历漏洞

Cognita is a TrueFoundry open source RAG framework for building TrueFoundry production modular open source applications. A path traversal vulnerability exists in Cognita. An attacker exploiting this vulnerability could remotely execute code...

9.3CVSS6.7AI score0.01271EPSS

Exploits1References5

CNNVD•added 2025/03/07 12:0 a.m.•6 views

Cognita 跨站脚本漏洞

Cognita is a TrueFoundry open source RAG framework for building TrueFoundry production modular open source applications. Cognita suffers from a cross-site scripting vulnerability that stems from an insecure CORS configuration...

6.9CVSS6.2AI score0.00457EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by