Lucene search
+L

587 matches found

EUVD
EUVD
added 2 days ago5 views

EUVD-2026-44762

Strands Agents is an open-source Python SDK for building and running AI agents. The strands-agents-tools package provides pre-built tools for use with the SDK, including the elasticsearchmemory tool for agent memory storage. We identified CVE-2026-15746, a server-side request forgery SSRF issue i...

6.9CVSS6.1AI score0.00244EPSS
Exploits0References3
OSV
OSV
added 2 days ago3 views

CVE-2026-15746 Credential disclosure in Strands Agents Tools elasticsearch_memory tool

Strands Agents is an open-source Python SDK for building and running AI agents. The strands-agents-tools package provides pre-built tools for use with the SDK, including the elasticsearchmemory tool for agent memory storage. We identified CVE-2026-15746, a server-side request forgery SSRF issue i...

6.9CVSS6.1AI score0.00244EPSS
Exploits0References5
OSV
OSV
added 5 days ago3 views

CVE-2026-56259 Crawl4AI - LLM Credential Exfiltration via base_url and Environment Variable Resolution

Crawl4AI before 0.8.8 contains credential exfiltration vulnerabilities in the Docker API server that allow attackers to redirect LLM API calls to attacker-controlled endpoints and read arbitrary environment variables. Attackers can exploit the unauthenticated /md, /llm, and /llm/job endpoints by...

8.8CVSS6.2AI score0.00254EPSS
Exploits0References4
OSV
OSV
added last week3 views

PYSEC-2026-3443

Crawl4AI before 0.8.7 contains a server-side request forgery SSRF vulnerability in the Docker API server's /crawl/job and /llm/job endpoints, which accept webhook URLs without destination validation. An attacker can supply webhook URLs pointing to private or internal IP ranges, Docker networks, o...

7.5CVSS6.1AI score0.00421EPSS
Exploits0References3
OSV
OSV
added 2026/07/09 11:40 p.m.2 views

CVE-2026-55615 Langroid: Neo4jChatAgent executes LLM-generated Cypher without validation (prompt-to-Cypher injection; config-conditional RCE), mirroring the SQLChatAgent bug fixed in CVE-2026-25879

Langroid is a framework for building large-language-model-powered applications. Prior to version 0.65.5, Neo4jChatAgent passes LLM-generated Cypher queries straight to the Neo4j driver with no validation, no statement-type allowlist, and no opt-out gate. The query text is influenceable by prompt...

9.2CVSS6.1AI score0.00461EPSS
Exploits0References4
NVD
NVD
added 2026/07/09 6:16 p.m.11 views

CVE-2026-43752

An authenticated administrator may be able to achieve arbitrary code execution on the host system by uploading a malicious file through the Open Source LLM setup feature in the Admin Console. This vulnerability has been addressed in FileMaker Server 26.0.1...

4.9CVSS0.00289EPSS
Exploits0References1
Drupal
Drupal
added 2026/07/08 12:0 a.m.6 views

AI SEO/GEO Analyzer - Moderately critical - Cross-site Scripting - SA-CONTRIB-2026-076

The AI SEO/GEO Analyzer module generates SEO/GEO analysis reports by sending content of an entity including its comments to an LLM, then converts the model's Markdown response to HTML and stores it for display to privileged users. The generated HTML was rendered without passing through Drupal's...

5.4CVSS6AI score0.00274EPSS
Exploits0References2
NVD
NVD
added 2026/07/07 9:17 p.m.22 views

CVE-2026-58473

Cognee before 1.2.0 contains an improper access control vulnerability that allows unauthenticated attackers to overwrite the global LLM provider configuration by self-registering an account and calling the settings endpoint, which performs no admin or superuser check. Attackers can redirect all L...

9.3CVSS0.00372EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/07/07 8:34 p.m.5 views

CVE-2026-58473 Cognee < 1.2.0 Unauthorized LLM Configuration Overwrite via /api/v1/settings

Cognee before 1.2.0 contains an improper access control vulnerability that allows unauthenticated attackers to overwrite the global LLM provider configuration by self-registering an account and calling the settings endpoint, which performs no admin or superuser check. Attackers can redirect all L...

9.3CVSS6AI score0.00372EPSS
Exploits0References4
CVE
CVE
added 2026/07/07 8:34 p.m.13 views

CVE-2026-58473

CVE-2026-58473 (Cognee) vulnerability affects Cognee prior to 1.2.0. An improper access-control flaw allows unauthenticated attackers to overwrite the global LLM provider configuration by self-registering an account and calling the settings endpoint, which lacks admin/superuser checks. This enabl...

9.3CVSS6AI score0.00372EPSS
Exploits0References4
OSV
OSV
added 2026/07/07 4:41 p.m.8 views

GO-2026-5925 Suspended Coder users retain access to AI Bridge LLM proxy endpoints in github.com/coder/coder

Suspended Coder users retain access to AI Bridge LLM proxy endpoints in github.com/coder/coder...

5.4CVSS5.9AI score0.00315EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.5 views

PT-2026-56255

Name of the Vulnerable Software and Affected Versions Cognee versions prior to 1.2.0 Description Improper access control allows unauthenticated attackers to overwrite the global LLM provider configuration. By self-registering an account and calling the '/api/v1/settings' endpoint, which lacks adm...

9.3CVSS6.1AI score0.00372EPSS
Exploits0References6
CVE
CVE
added 2026/07/06 8:5 p.m.14 views

CVE-2026-55574

CVE-2026-55574 affects vLLM prior to 0.24.0, where structured_outputs.regex passes an unguarded user-supplied regex to grammar backends (xgrammar and outlines). In xgrammar, the string reaches the regex compiler without a timeout guard; in outlines, validation overlooks regex complexity (e.g., ne...

8.7CVSS5.9AI score0.00324EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/07/06 9:16 a.m.6 views

CVE-2026-44934

A information disclosure when DEBUG loglevel is set in SUSE Rancher AI Agent 1.0 before 1.0.2 could leak API keys or LLM response text with potential sensitive data into logfiles, allowing local attackers to misuse respective gained data or credentials...

7CVSS0.00119EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/06 8:45 a.m.6 views

CVE-2026-44934

A information disclosure when DEBUG loglevel is set in SUSE Rancher AI Agent 1.0 before 1.0.2 could leak API keys or LLM response text with potential sensitive data into logfiles, allowing local attackers to misuse respective gained data or credentials...

7CVSS6AI score0.00119EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/07/06 8:45 a.m.4 views

CVE-2026-44934 Exposed tokens in SUSE Rancher AI Agent logs

A information disclosure when DEBUG loglevel is set in SUSE Rancher AI Agent 1.0 before 1.0.2 could leak API keys or LLM response text with potential sensitive data into logfiles, allowing local attackers to misuse respective gained data or credentials...

7CVSS6AI score0.00119EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.12 views

PT-2026-55978

Name of the Vulnerable Software and Affected Versions vLLM versions 0.22.0 through 0.23.0 Description The software fails to validate the size of uploaded audio files before loading them into memory. Specifically, the endpoints '/v1/audio/transcriptions' and '/v1/audio/translations' execute the...

6.5CVSS6.2AI score0.00289EPSS
Exploits0References10
NVD
NVD
added 2026/06/30 10:16 p.m.10 views

CVE-2026-58446

Presenton before 0.8.8-beta bundles an MCP server that, on server/Docker deployments configured with session authentication AUTHUSERNAME/AUTHPASSWORD, is reachable unauthenticated at /mcp because the nginx front-end does not apply the authrequest gate to that path and the MCP server auto-mints a...

6.9CVSS0.00437EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2026/06/30 1:49 p.m.54 views

282 iOS AI Apps Leak API Keys and Open AI Proxy Access in Network Traffic Study

Researchers tested 444 AI chatbot apps for iPhone and found that 282 of them, nearly two-thirds, exposed paid AI access through their network traffic. In many cases, the path in was visible just by watching what the app sent: a plaintext API key, a reusable token, or a backend server that accepte...

5.8AI score
Exploits0
OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-478 PraisonAI's unauthenticated A2A official example can reach real LLM-driven `eval()` tool execution

Summary The first-party PraisonAI A2A server example combines three behaviors into a remotely exploitable Critical chain: 1. The example exposes an A2A server without configuring authtoken. 2. The same example binds the server to 0.0.0.0. 3. The example registers a calculateexpression tool...

9.8CVSS6.5AI score0.00084EPSS
Exploits0References5
Rows per page
Query Builder