Lucene search
+L

279 matches found

osv
osv
added 5 days ago3 views

CVE-2026-56259 Crawl4AI - LLM Credential Exfiltration via base_url and Environment Variable Resolution

Crawl4AI before 0.8.8 contains credential exfiltration vulnerabilities in the Docker API server that allow attackers to redirect LLM API calls to attacker-controlled endpoints and read arbitrary environment variables. Attackers can exploit the unauthenticated /md, /llm, and /llm/job endpoints by...

8.8CVSS6.2AI score0.00254EPSS
Exploits0References4
osv
osv
added 2026/07/09 11:40 p.m.2 views

CVE-2026-55615 Langroid: Neo4jChatAgent executes LLM-generated Cypher without validation (prompt-to-Cypher injection; config-conditional RCE), mirroring the SQLChatAgent bug fixed in CVE-2026-25879

Langroid is a framework for building large-language-model-powered applications. Prior to version 0.65.5, Neo4jChatAgent passes LLM-generated Cypher queries straight to the Neo4j driver with no validation, no statement-type allowlist, and no opt-out gate. The query text is influenceable by prompt...

9.2CVSS6.1AI score0.00461EPSS
Exploits0References4
cve
cve
added 2026/07/07 8:34 p.m.13 views

CVE-2026-58473

CVE-2026-58473 (Cognee) vulnerability affects Cognee prior to 1.2.0. An improper access-control flaw allows unauthenticated attackers to overwrite the global LLM provider configuration by self-registering an account and calling the settings endpoint, which lacks admin/superuser checks. This enabl...

9.3CVSS6AI score0.00372EPSS
Exploits0References4
osv
osv
added 2026/07/07 4:41 p.m.8 views

GO-2026-5925 Suspended Coder users retain access to AI Bridge LLM proxy endpoints in github.com/coder/coder

Suspended Coder users retain access to AI Bridge LLM proxy endpoints in github.com/coder/coder...

5.4CVSS5.9AI score0.00315EPSS
Exploits0References2
cve
cve
added 2026/07/06 8:5 p.m.14 views

CVE-2026-55574

CVE-2026-55574 affects vLLM prior to 0.24.0, where structured_outputs.regex passes an unguarded user-supplied regex to grammar backends (xgrammar and outlines). In xgrammar, the string reaches the regex compiler without a timeout guard; in outlines, validation overlooks regex complexity (e.g., ne...

8.7CVSS5.9AI score0.00324EPSS
Exploits0References3Affected Software1
osv
osv
added 2026/07/06 8:45 a.m.4 views

CVE-2026-44934 Exposed tokens in SUSE Rancher AI Agent logs

A information disclosure when DEBUG loglevel is set in SUSE Rancher AI Agent 1.0 before 1.0.2 could leak API keys or LLM response text with potential sensitive data into logfiles, allowing local attackers to misuse respective gained data or credentials...

7CVSS6AI score0.00119EPSS
Exploits0References4
attackerkb
attackerkb
added 2026/07/06 8:45 a.m.6 views

CVE-2026-44934

A information disclosure when DEBUG loglevel is set in SUSE Rancher AI Agent 1.0 before 1.0.2 could leak API keys or LLM response text with potential sensitive data into logfiles, allowing local attackers to misuse respective gained data or credentials...

7CVSS6AI score0.00119EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
added 2026/07/06 12:0 a.m.12 views

PT-2026-55978

Name of the Vulnerable Software and Affected Versions vLLM versions 0.22.0 through 0.23.0 Description The software fails to validate the size of uploaded audio files before loading them into memory. Specifically, the endpoints '/v1/audio/transcriptions' and '/v1/audio/translations' execute the...

6.5CVSS6.2AI score0.00289EPSS
Exploits0References10
thn
thn
added 2026/06/30 1:49 p.m.54 views

282 iOS AI Apps Leak API Keys and Open AI Proxy Access in Network Traffic Study

Researchers tested 444 AI chatbot apps for iPhone and found that 282 of them, nearly two-thirds, exposed paid AI access through their network traffic. In many cases, the path in was visible just by watching what the app sent: a plaintext API key, a reusable token, or a backend server that accepte...

5.8AI score
Exploits0
redhatcve
redhatcve
added 2026/06/26 7:27 a.m.8 views

CVE-2026-54235

A flaw was found in vLLM, an inference and serving engine for large language models LLMs. The temperature validation gates, which use comparison operators, incorrectly handle Not-a-Number NaN and positive Infinity values in Python's IEEE 754 float semantics. These invalid values can bypass...

6.9CVSS5.6AI score0.00261EPSS
Exploits1References6
cvelist
cvelist
added 2026/06/23 7:2 p.m.41 views

CVE-2026-45792 RTK improperly trusts project-local filter configuration, allowing silent tampering of command output shown to LLM

rtk filters and compresses command outputs before they reach your LLM context. Prior to 0.32.0, RTK Rust Token Killer improperly trusts project-local configuration files. RTK automatically loads .rtk/filters.toml from the working directory with highest priority and without user notification. An...

6.9CVSS0.00078EPSS
Exploits0References3
nvd
nvd
added 2026/06/22 11:16 p.m.22 views

CVE-2026-54235

vLLM is an inference and serving engine for large language models LLMs. Prior to 0.23.1rc0, ll temperature validation gates use comparison operators , which silently evaluate to False for NaN and for positive Infinity in Python's IEEE 754 float semantics. Both values pass every guard and propagat...

6.9CVSS0.00261EPSS
Exploits1References3
attackerkb
attackerkb
added 2026/06/22 10:20 p.m.6 views

CVE-2026-47155

vLLM is an inference and serving engine for large language models LLMs. Prior to 0.22.0, vLLM's revision pinning controls do not consistently apply to all artifacts loaded for a model. A deployment that supplies --revision or --code-revision can still load dynamic code, GGUF files, image...

6.5CVSS5.8AI score0.00146EPSS
Exploits0References5Affected Software1
cve
cve
added 2026/06/22 10:10 p.m.35 views

CVE-2026-54233

Affected software: vLLM (inference/serving engine). Vulnerability: decoding an audio file on the /v1/audio/transcriptions endpoint can cause extreme memory growth. A 25 MB OPUS upload decodes to about 14.9 GB of float32 PCM, because the audio decoder concatenates all frames in memory before retur...

6.5CVSS5.8AI score0.00243EPSS
Exploits0References2Affected Software1
osv
osv
added 2026/06/22 9:59 p.m.2 views

CVE-2026-54235 vLLM: temperature=NaN and temperature=Infinity bypass validation and propagate to GPU kernels

vLLM is an inference and serving engine for large language models LLMs. Prior to 0.23.1rc0, ll temperature validation gates use comparison operators , which silently evaluate to False for NaN and for positive Infinity in Python's IEEE 754 float semantics. Both values pass every guard and propagat...

6.9CVSS5.9AI score0.00261EPSS
Exploits1References5
osv
osv
added 2026/06/22 9:55 p.m.4 views

CVE-2026-53923 vLLM GGUF Kernels: int64_t to int truncation of tensor dimensions causes GPU buffer overflow

vLLM is an inference and serving engine for large language models LLMs. From 0.5.5 until 0.23.1rc0, integer truncation of tensor dimensions in vLLM's GGUF dequantize kernels csrc/quantization/gguf/ggufkernel.cu causes partial tensor processing. The output tensor is allocated at full size via...

5.3CVSS5.9AI score0.00281EPSS
Exploits0References5
attackerkb
attackerkb
added 2026/06/17 10:7 a.m.4 views

CVE-2026-12491

A flaw was found in vLLM, an open-source library for large language model inference. This vulnerability arises from improper handling of image metadata, specifically EXIF orientation and PNG transparency tRNS data, during image processing. When images are converted to RGB, transparency informatio...

4.8CVSS5.8AI score0.00239EPSS
Exploits0References3Affected Software1
packetstormnews
packetstormnews
added 2026/06/10 12:0 a.m.13 views

Mind Your Key: An Empirical Study of LLM API Credential Leakage in IOS Apps

The rapid integration of large language models LLMs into mobile applications has introduced a new class of credential security risk: leaked credentials that grant unauthorized access to LLM inference services, causing financial damage to developers. Prior work on credential leakage has focused...

5.4AI score
Exploits0
euvd
euvd
added 2026/06/08 3:32 p.m.11 views

EUVD-2026-35116

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, evaluation create and update mass-assignment allows cross-workspace evaluation takeover. This issue has been patched in version 3.1.2...

7.7CVSS5.3AI score0.00335EPSS
Exploits0References2
euvd
euvd
added 2026/06/08 3:31 p.m.13 views

EUVD-2026-35113

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, CustomTemplate create and update mass-assignment allows cross-workspace template takeover. This issue has been patched in version 3.1.2...

7.7CVSS5.3AI score0.00335EPSS
Exploits0References2
Rows per page
Query Builder