Juju 安全漏洞

Juju is a canonical Juju open-source application orchestration engine. Versions 3.2.0 to 3.6.19, as well as 4.0 to 4.0.4, have security vulnerabilities. These vulnerabilities stem from the internal Dqlite database cluster failing to perform proper TLS client and server authentication. This allows...

CVE-2026-24477

CVE-2026-24477 affects AnythingLLM (prior to 1.10.0) when configured with Qdrant as the vector database. The root cause is exposure of the QdrantApiKey in plain text through the /api/setup-complete endpoint, enabling an unauthenticated attacker to gain full read/write access to the Qdrant vector ...

Sql injection

An SQL injection Privilege Escalation Vulnerability was discovered in the Orion Platform reported by the ZDI Team. A blind Boolean SQL injection which could lead to full read/write over the Orion database content including the Orion certificate for any authenticated user...

CVE-2021-35212 Blind SQL injection Vulnerability

An SQL injection Privilege Escalation Vulnerability was discovered in the Orion Platform reported by the ZDI Team. A blind Boolean SQL injection which could lead to full read/write over the Orion database content including the Orion certificate for any authenticated user...