6 matches found
CVE-2026-45792
rtk filters and compresses command outputs before they reach your LLM context. Prior to 0.32.0, RTK Rust Token Killer improperly trusts project-local configuration files. RTK automatically loads .rtk/filters.toml from the working directory with highest priority and without user notification. An...
CVE-2025-65368
SparkyFitness v0.15.8.2 is vulnerable to Cross Site Scripting XSS via user input and LLM output...
CVE-2025-65368
SparkyFitness v0.15.8.2 is vulnerable to Cross Site Scripting XSS via user input and LLM output...
CVE-2025-65368
SparkyFitness v0.15.8.2 is vulnerable to Cross Site Scripting XSS via user input and LLM output...
PT-2026-3106
Name of the Vulnerable Software and Affected Versions SparkyFitness version 0.15.8.2 Description SparkyFitness is susceptible to Cross-Site Scripting XSS attacks. The issue stems from improper handling of user input and output from Large Language Models LLMs. This allows for the injection of...
CVE-2025-65368
SparkyFitness v0.15.8.2 is vulnerable to Cross Site Scripting XSS via user input and LLM output...