267 matches found
Lunary 访问控制错误漏洞
lunary is a production toolkit for LLM. An access control error vulnerability exists in lunary that stems from insufficient validation of roles and permissions on the backend. An attacker could exploit this vulnerability to cause information disclosure...
Researchers Highlight Google's Gemini AI Susceptibility to LLM Threats
Google's Gemini large language model LLM is susceptible to security threats that could cause it to divulge system prompts, generate harmful content, and carry out indirect injection attacks. The findings come from HiddenLayer, which said the issues impact consumers using Gemini Advanced with Goog...
How Public AI Can Strengthen Democracy
With the worlds focus turning to misinformation, manipulation, and outright propaganda ahead of the 2024 U.S. presidential election, we know that democracy has an AI problem. But were learning that AI has a democracy problem, too. Both challenges must be addressed for the sake of democratic...
PT-2023-9274 · Superagi · Superagi
Name of the Vulnerable Software and Affected Versions: SuperAGI versions all Description: The issue is related to the incorrect management of code generation in the eval function of the SuperAGI framework, which can be exploited by a remote attacker to execute arbitrary code and gain full control...
A rundown of the OWASP top 10 for large language model applications
As part of the Open Worldwide Application Security Project OWASP AI Project, a community of international experts published a list of the top 10 critical vulnerabilities seen in Large Language Model LLM applications...
Langchain 安全漏洞
LangChain is used to build applications using LLM through composability. A security vulnerability exists in Langchain version 0.0.171, which stems from an arbitrary code execution vulnerability...
Google Cloud Introduces Security AI Workbench for Faster Threat Detection and Analysis
Google's cloud division is following in the footsteps of Microsoft with the launch of Security AI Workbench that leverages generative AI models to gain better visibility into the threat landscape. Powering the cybersecurity suite is Sec-PaLM, a specialized large language model LLM that's...