Lucene search
K

563 matches found

CVE
CVE
added 2 hours ago4 views

CVE-2026-55574

CVE-2026-55574 affects vLLM prior to 0.24.0, where structured_outputs.regex passes an unguarded user-supplied regex to grammar backends (xgrammar and outlines). In xgrammar, the string reaches the regex compiler without a timeout guard; in outlines, validation overlooks regex complexity (e.g., ne...

8.7CVSS5.9AI score
Exploits0References3
NVD
NVD
added 13 hours ago4 views

CVE-2026-44934

A information disclosure when DEBUG loglevel is set in SUSE Rancher AI Agent 1.0 before 1.0.2 could leak API keys or LLM response text with potential sensitive data into logfiles, allowing local attackers to misuse respective gained data or credentials...

7CVSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 14 hours ago3 views

CVE-2026-44934

A information disclosure when DEBUG loglevel is set in SUSE Rancher AI Agent 1.0 before 1.0.2 could leak API keys or LLM response text with potential sensitive data into logfiles, allowing local attackers to misuse respective gained data or credentials...

7CVSS6AI score
Exploits0References2Affected Software1
NVD
NVD
added 6 days ago7 views

CVE-2026-58446

Presenton before 0.8.8-beta bundles an MCP server that, on server/Docker deployments configured with session authentication AUTHUSERNAME/AUTHPASSWORD, is reachable unauthenticated at /mcp because the nginx front-end does not apply the authrequest gate to that path and the MCP server auto-mints a...

6.9CVSS0.00437EPSS
Exploits0References5
The Hacker News
The Hacker News
added 6 days ago49 views

282 iOS AI Apps Leak API Keys and Open AI Proxy Access in Network Traffic Study

Researchers tested 444 AI chatbot apps for iPhone and found that 282 of them, nearly two-thirds, exposed paid AI access through their network traffic. In many cases, the path in was visible just by watching what the app sent: a plaintext API key, a reusable token, or a backend server that accepte...

5.8AI score
Exploits0
OSV
OSV
added 2026/06/29 11:50 a.m.5 views

PYSEC-2026-478 PraisonAI's unauthenticated A2A official example can reach real LLM-driven `eval()` tool execution

Summary The first-party PraisonAI A2A server example combines three behaviors into a remotely exploitable Critical chain: 1. The example exposes an A2A server without configuring authtoken. 2. The same example binds the server to 0.0.0.0. 3. The example registers a calculateexpression tool...

9.8CVSS6.5AI score0.00084EPSS
Exploits0References5
OSV
OSV
added 2026/06/29 11:50 a.m.5 views

PYSEC-2026-461 PraisonAI Vulnerable to OS Command Injection

The executecommand function and workflow shell execution are exposed to user-controlled input via agent workflows, YAML definitions, and LLM-generated tool calls, allowing attackers to inject arbitrary shell commands through shell metacharacters. --- Description PraisonAI's workflow system and...

9.6CVSS6.2AI score0.00419EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/06/26 7:27 a.m.8 views

CVE-2026-54235

A flaw was found in vLLM, an inference and serving engine for large language models LLMs. The temperature validation gates, which use comparison operators, incorrectly handle Not-a-Number NaN and positive Infinity values in Python's IEEE 754 float semantics. These invalid values can bypass...

6.9CVSS5.6AI score0.00261EPSS
Exploits1References6
NVD
NVD
added 2026/06/23 8:16 p.m.17 views

CVE-2026-45792

rtk filters and compresses command outputs before they reach your LLM context. Prior to 0.32.0, RTK Rust Token Killer improperly trusts project-local configuration files. RTK automatically loads .rtk/filters.toml from the working directory with highest priority and without user notification. An...

6.9CVSS0.00078EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/23 7:2 p.m.39 views

CVE-2026-45792 RTK improperly trusts project-local filter configuration, allowing silent tampering of command output shown to LLM

rtk filters and compresses command outputs before they reach your LLM context. Prior to 0.32.0, RTK Rust Token Killer improperly trusts project-local configuration files. RTK automatically loads .rtk/filters.toml from the working directory with highest priority and without user notification. An...

6.9CVSS0.00078EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.14 views

PT-2026-51583

Name of the Vulnerable Software and Affected Versions rtk versions prior to 0.42.2 Description A flaw in the permission splitter logic fails to conservatively split or reject certain Bash shell constructs that create command-execution boundaries or nested execution. This improper input validation...

7.8CVSS6.2AI score0.00128EPSS
Exploits0References6
NVD
NVD
added 2026/06/22 11:16 p.m.17 views

CVE-2026-54235

vLLM is an inference and serving engine for large language models LLMs. Prior to 0.23.1rc0, ll temperature validation gates use comparison operators , which silently evaluate to False for NaN and for positive Infinity in Python's IEEE 754 float semantics. Both values pass every guard and propagat...

6.9CVSS0.00261EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/06/22 10:20 p.m.5 views

CVE-2026-47155

vLLM is an inference and serving engine for large language models LLMs. Prior to 0.22.0, vLLM's revision pinning controls do not consistently apply to all artifacts loaded for a model. A deployment that supplies --revision or --code-revision can still load dynamic code, GGUF files, image...

6.5CVSS5.8AI score0.00146EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/06/22 10:10 p.m.18 views

CVE-2026-54233

Affected software: vLLM (inference/serving engine). Vulnerability: decoding an audio file on the /v1/audio/transcriptions endpoint can cause extreme memory growth. A 25 MB OPUS upload decodes to about 14.9 GB of float32 PCM, because the audio decoder concatenates all frames in memory before retur...

6.5CVSS5.8AI score0.00243EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/22 8:37 p.m.3 views

CVE-2026-49468 LiteLLM: Authentication Bypass via Host Header Injection

LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. Prior to 1.84.0, This vulnerability is fixed in 1.84.0...

9.5CVSS5.8AI score0.00559EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/22 5:21 p.m.7 views

EUVD-2026-38332

LangChain is a framework for building agents and LLM-powered applications. Prior to 1.3.9, several LangChain components that resolve filesystem paths or expand search patterns do not consistently confine the resolved path to the intended root directory. Affected behaviors include: a file-search...

5.1CVSS5.9AI score0.00157EPSS
Exploits0References2
Chainguard
Chainguard
added 2026/06/17 8:56 a.m.7 views

CVE-2026-53538 vulnerabilities

Vulnerabilities for packages: wazuh-manager, wazuh-manager-fips, litellm, airflow, tritonserver-backend-vllm-cuda-12.9, airflow-postgres-fips, airflow-core...

3.7CVSS5.9AI score0.00176EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 a.m.10 views

CVE-2026-46517

LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, hardcoded "trustremotecode=True" enables HF supply-chain RCE without user opt-in. At time of publication, there are no publicly available patches...

7.8CVSS5.5AI score0.00148EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.4 views

The Emergence of Autonomous Penetration Capabilities in Large Language Model-Powered AI Systems

Nowadays, the autonomous execution of cyberattacks capable of causing substantial real-world harm is widely regarded as one of the critical red lines that frontier AI systems must not cross. Within this broader red-line scenario, autonomous penetration represents a core enabling capability and...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.9 views

Mind Your Key: An Empirical Study of LLM API Credential Leakage in IOS Apps

The rapid integration of large language models LLMs into mobile applications has introduced a new class of credential security risk: leaked credentials that grant unauthorized access to LLM inference services, causing financial damage to developers. Prior work on credential leakage has focused...

5.4AI score
Exploits0
Rows per page
Query Builder