20 matches found
CVE-2026-0613
The Librarian contains an internal port scanning vulnerability, facilitated by the webfetch tool, which can be used with SSRF-style behavior to perform GET requests to internal IP addresses and services, enabling scanning of the Hetzner cloud environment that The Librarian uses. The vendor has...
The Librarian security vulnerability
The Librarian is a personal AI assistant software developed by The Librarian Company in Singapore. The Librarian has a security vulnerability, which stems from an information leakage issue in the webFetch tool. This vulnerability could potentially be exploited to make requests through the The...
PT-2026-3247
Name of the Vulnerable Software and Affected Versions: The Librarian (affected versions not specified). Description: The Librarian software has an information leakage issue stemming from the web fetch tool. This allows an attacker to retrieve arbitrary external content, potentially using The Librarian...
EUVD-2018-1848
Malware in sbrugna...
EUVD-2017-1505
Malware in sbrugna...
EUVD-2022-50611
Malicious code in bioql PyPI...
CVE-2024-40500
Cross Site Scripting vulnerability in Martin Kucej i-librarian v.5.11.0 and before allows a local attacker to execute arbitrary code via the search function in the import component...
CVE-2024-54819
I, Librarian before and including 5.11.1 is vulnerable to Server-Side Request Forgery (SSRF) due to improper input validation in classes/security/validation.php...
CVE-2022-47854
i-librarian 4.10 is vulnerable to Arbitrary file upload in ajaxsupplement.php...
CVE-2018-1000124
I Librarian I-librarian version 4.8 and earlier contains an XML External Entity (XXE) vulnerability in line 154 of importmetadata.php (simplexml_load_string) that can result in an attacker reading the contents of a file and SSRF. This attack appears to be exploitable via posting XML in the Parameter...
CVE-2017-1000235
I, Librarian version =4.6 & 4.7 is vulnerable to OS Command Injection in batchimport.php, resulting in the web server being fully compromised...
CVE-2024-54819
I, Librarian before and including 5.11.1 is vulnerable to Server-Side Request Forgery (SSRF) due to improper input validation in classes/security/validation.php...
CVE-2024-54819
I, Librarian before and including 5.11.1 is vulnerable to Server-Side Request Forgery (SSRF) due to improper input validation in classes/security/validation.php...
CVE-2024-54819
I, Librarian before and including 5.11.1 is vulnerable to Server-Side Request Forgery (SSRF) due to improper input validation in classes/security/validation.php...
i-librarian security vulnerability
i-librarian is an online service from individual developer Martin Kucej that organizes your PDF files and office document collections. A security vulnerability exists in i-librarian v.5.11.0 and earlier versions, which stems from the presence of a cross-site scripting vulnerability that allows ...
CVE-2022-47854
i-librarian 4.10 is vulnerable to Arbitrary file upload in ajaxsupplement.php...
PT-2019-12314
Name of the Vulnerable Software and Affected Versions: I, Librarian version 4.10. Description: The issue is related to a security problem where an attacker can execute malicious scripts. This is achieved through the notes parameter in the "notes.php" endpoint. Recommendations: For I, Librarian versio...
PT-2019-12255
Name of the Vulnerable Software and Affected Versions: I, Librarian version 4.10. Description: A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the project parameter in the display.php file. Recommendations: For I, Librari...
Command injection
I, Librarian version =4.6 & 4.7 is vulnerable to OS Command Injection in batchimport.php, resulting in the web server being fully compromised...
I, Librarian Catalog Enumeration Vulnerability
Scilico I, Librarian is an online PDF document management system from Scilico, a United States company. A security vulnerability exists in the jqueryFileTree.php file in Scilico I, Librarian versions 4.6 and earlier and 4.7. An attacker can exploit the vulnerability to enumerate directories...