12 matches found
EUVD-2025-22156
Malicious code in bioql PyPI...
MAL-2025-36385 Malicious code in test-mlw2-swink-manly-celeb-dippy (npm)
The package test-mlw2-swink-manly-celeb-dippy was found to contain malicious code...
Malicious code in test-mlw2-swink-manly-celeb-dippy (npm)
The package test-mlw2-swink-manly-celeb-dippy was found to contain malicious code...
CVE-2025-51868
Insecure Direct Object Reference IDOR vulnerability in Dippy chat.dippy.ai v2 allows attackers to gain sensitive information via the conversationid parameter to the conversationhistory endpoint...
CVE-2025-51868
Insecure Direct Object Reference IDOR vulnerability in Dippy chat.dippy.ai v2 allows attackers to gain sensitive information via the conversationid parameter to the conversationhistory endpoint...
CVE-2025-51868
Insecure Direct Object Reference IDOR vulnerability in Dippy chat.dippy.ai v2 allows attackers to gain sensitive information via the conversationid parameter to the conversationhistory endpoint...
CVE-2025-51868
CVE-2025-51868 describes an Insecure Direct Object Reference (IDOR) in Dippy v2. An attacker can access sensitive information through the conversation_id parameter of the conversation_history endpoint, leading to disclosure of other users’ conversation histories. Affected: Dippy version 2 (chat.d...
PT-2025-30339 · Dippy · Dippy
Name of the Vulnerable Software and Affected Versions: Dippy version 2 Description: An Insecure Direct Object Reference IDOR vulnerability exists in Dippy that allows attackers to gain sensitive information. The vulnerability is present in the conversation history API endpoint and is exploitable...
Dippy 安全漏洞
Dippy is an AI chat site from Dippy Inc. A security vulnerability exists in Dippy version v2, which stems from improper access control of the conversationid parameter and could lead to the disclosure of sensitive information...
CVE-2025-51868
Insecure Direct Object Reference IDOR vulnerability in Dippy chat.dippy.ai v2 allows attackers to gain sensitive information via the conversationid parameter to the conversationhistory endpoint...
Malicious code in dippy (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware af70946fdaf395b54bd0c8aba760c2cf4f74450a051e4329e81faffc9285d74b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-2475 Malicious code in dippy (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware af70946fdaf395b54bd0c8aba760c2cf4f74450a051e4329e81faffc9285d74b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...