5 matches found
CVE-2026-1117
A vulnerability in the lollmsgenerationevents.py component of parisneo/lollms version 5.9.0 allows unauthenticated access to sensitive Socket.IO events. The addevents function registers event handlers such as generatetext, cancelgeneration, generatemsg, and generatemsgfrom without implementing...
CVE-2026-1117 Improper Access Control in parisneo/lollms
A vulnerability in the lollmsgenerationevents.py component of parisneo/lollms version 5.9.0 allows unauthenticated access to sensitive Socket.IO events. The addevents function registers event handlers such as generatetext, cancelgeneration, generatemsg, and generatemsgfrom without implementing...
CVE-2026-1117
A vulnerability in the lollmsgenerationevents.py component of parisneo/lollms version 5.9.0 allows unauthenticated access to sensitive Socket.IO events. The addevents function registers event handlers such as generatetext, cancelgeneration, generatemsg, and generatemsgfrom without implementing...
EUVD-2026-5096
A vulnerability in the lollmsgenerationevents.py component of parisneo/lollms version 5.9.0 allows unauthenticated access to sensitive Socket.IO events. The addevents function registers event handlers such as generatetext, cancelgeneration, generatemsg, and generatemsgfrom without implementing...
LoLLMs WEBUI 访问控制错误漏洞
LoLLMs WEBUI is a web user interface developed by Saifeddine ALOUI. Version 5.9.0 of LoLLMs WEBUI contains an access control vulnerability; this vulnerability stems from the lack of authentication and authorization checks in the lollmsgenerationevents.py component, which may lead to...