24 matches found
CVE-2026-7021
A weakness has been identified in SmythOS sre up to 0.0.15. This impacts an unknown function of the file packages/sdk/src/LLM/utils.ts of the component Connector Service. This manipulation of the argument baseURL causes information disclosure. It is possible to initiate the attack remotely. The...
CVE-2026-7021
A weakness has been identified in SmythOS sre up to 0.0.15. This impacts an unknown function of the file packages/sdk/src/LLM/utils.ts of the component Connector Service. This manipulation of the argument baseURL causes information disclosure. It is possible to initiate the attack remotely. The...
EUVD-2026-25696
A weakness has been identified in SmythOS sre up to 0.0.15. This impacts an unknown function of the file packages/sdk/src/LLM/utils.ts of the component Connector Service. This manipulation of the argument baseURL causes information disclosure. It is possible to initiate the attack remotely. The...
CVE-2026-7021 SmythOS sre Connector Service utils.ts information disclosure
A weakness has been identified in SmythOS sre up to 0.0.15. This impacts an unknown function of the file packages/sdk/src/LLM/utils.ts of the component Connector Service. This manipulation of the argument baseURL causes information disclosure. It is possible to initiate the attack remotely. The...
CVE-2026-7021
A weakness has been identified in SmythOS sre up to 0.0.15. This impacts an unknown function of the file packages/sdk/src/LLM/utils.ts of the component Connector Service. This manipulation of the argument baseURL causes information disclosure. It is possible to initiate the attack remotely. The...
CVE-2026-7021
SmythOS SRE up to 0.0.15 is affected by CVE-2026-7021 in the Connector Service, specifically via the file packages/sdk/src/LLM/utils.ts. The vulnerability arises from manipulating the baseURL argument, leading to information disclosure. The issue is exploitable remotely and publicly available too...
CVE-2026-7021 SmythOS sre Connector Service utils.ts information disclosure
A weakness has been identified in SmythOS sre up to 0.0.15. This impacts an unknown function of the file packages/sdk/src/LLM/utils.ts of the component Connector Service. This manipulation of the argument baseURL causes information disclosure. It is possible to initiate the attack remotely. The...
SmythOS 信息泄露漏洞
SmythOS is an open-source infrastructure for the execution and development of AI agents. Versions of SmythOS prior to 0.0.15 contained a vulnerability related to information leakage. This vulnerability stemmed from operations on the baseURL parameter in the Connector Service component’s files...
PT-2026-35202
A weakness has been identified in SmythOS sre up to 0.0.15. This impacts an unknown function of the file packages/sdk/src/LLM/utils.ts of the component Connector Service. This manipulation of the argument baseURL causes information disclosure. It is possible to initiate the attack remotely. The...
CVE-2022-23909
There is an unquoted service path in Sherpa Connector Service SherpaConnectorService.exe 2020.2.20328.2050. This might allow a local user to escalate privileges by creating a "C:\Program Files\Sherpa Software\Sherpa.exe" file...
EUVD-2022-28831
Malicious code in bioql PyPI...
Sherpa Connector Service v2020.2.20328.2050 - Unquoted Service Path
Exploit Title: Sherpa Connector Service v2020.2.20328.2050 - Unquoted Service Path Exploit Author: Manthan Chhabra netsectuna, Harshit fumenoid Version: 2020.2.20328.2050 Date: 02/04/2022 Vendor Homepage: http://gimmal.com/ Vulnerability Type: Unquoted Service Path Tested on: Windows 10 CVE:...
Sherpa Connector Service 2020.2.20328.2050 Unquoted Service Path Vulnerability
Exploit Title: Sherpa Connector Service v2020.2.20328.2050 - Unquoted Service Path Exploit Author: Manthan Chhabra netsectuna, Harshit fumenoid Version: 2020.2.20328.2050 Vendor Homepage: http://gimmal.com/ Vulnerability Type: Unquoted Service Path Tested on: Windows 10 CVE: CVE-2022-23909 Step t...
CVE-2022-23909
There is an unquoted service path in Sherpa Connector Service SherpaConnectorService.exe 2020.2.20328.2050. This might allow a local user to escalate privileges by creating a "C:\Program Files\Sherpa Software\Sherpa.exe" file...
CVE-2022-23909
There is an unquoted service path in Sherpa Connector Service SherpaConnectorService.exe 2020.2.20328.2050. This might allow a local user to escalate privileges by creating a "C:\Program Files\Sherpa Software\Sherpa.exe" file...
CVE-2022-23909
There is an unquoted service path in Sherpa Connector Service SherpaConnectorService.exe 2020.2.20328.2050. This might allow a local user to escalate privileges by creating a "C:\Program Files\Sherpa Software\Sherpa.exe" file...
Design/Logic Flaw
There is an unquoted service path in Sherpa Connector Service SherpaConnectorService.exe 2020.2.20328.2050. This might allow a local user to escalate privileges by creating a "C:\Program Files\Sherpa Software\Sherpa.exe" file...
CVE-2022-23909
There is an unquoted service path in Sherpa Connector Service SherpaConnectorService.exe 2020.2.20328.2050. This might allow a local user to escalate privileges by creating a "C:\Program Files\Sherpa Software\Sherpa.exe" file...
CVE-2022-23909
The CVE-2022-23909 entry concerns an unquoted service path in the Sherpa Connector Service (SherpaConnectorService.exe, version 2020.2.20328.2050). Multiple sources (NVD, Red Hat, CVE listings, ExploitDB) describe a local privilege escalation where a local attacker could create the file C:\Progra...
Gimmal Sherpa Connector Service 代码问题漏洞
Gimmal Sherpa Connector Service is a connector service from Gimmal USA. A security vulnerability exists in Sherpa Connector Service version 2020.2.20328.2050, which originates from an unreferenced service path. A local attacker can exploit the vulnerability to escalate privileges by creating the...