49 matches found
Spring AI's VectorStoreChatMemoryAdvisor conversation scoping can lead to cross-tenant memory exfiltration
In Spring AI, an attacker can bypass conversation isolation and exfiltrate sensitive memory from other users’ chat histories, including secrets and credentials, by injecting filter logic through conversationId. Only applications that use VectorStoreChatMemoryAdvisor and pass user-supplied input a...
CVE-2026-40966
In Spring AI, an attacker can bypass conversation isolation and exfiltrate sensitive memory from other users’ chat histories, including secrets and credentials, by injecting filter logic through conversationId. Only applications that use VectorStoreChatMemoryAdvisor and pass user-supplied input a...
CVE-2026-40966 VectorStoreChatMemoryAdvisor conversation scoping can lead to cross-tenant memory exfiltration
In Spring AI, an attacker can bypass conversation isolation and exfiltrate sensitive memory from other users’ chat histories, including secrets and credentials, by injecting filter logic through conversationId. Only applications that use VectorStoreChatMemoryAdvisor and pass user-supplied input a...
CVE-2026-40966
In Spring AI, an attacker can bypass conversation isolation and exfiltrate sensitive memory from other users’ chat histories, including secrets and credentials, by injecting filter logic through conversationId. Only applications that use VectorStoreChatMemoryAdvisor and pass user-supplied input a...
CVE-2026-40966 VectorStoreChatMemoryAdvisor conversation scoping can lead to cross-tenant memory exfiltration
In Spring AI, an attacker can bypass conversation isolation and exfiltrate sensitive memory from other users’ chat histories, including secrets and credentials, by injecting filter logic through conversationId. Only applications that use VectorStoreChatMemoryAdvisor and pass user-supplied input a...
EUVD-2026-26002
In Spring AI, an attacker can bypass conversation isolation and exfiltrate sensitive memory from other users’ chat histories, including secrets and credentials, by injecting filter logic through conversationId. Only applications that use VectorStoreChatMemoryAdvisor and pass user-supplied input a...
CVE-2026-40966
Spring AI vulnerability CVE-2026-40966: VectorStoreChatMemoryAdvisor allows cross-tenant exfiltration by injecting filter logic through a user-supplied conversationId, bypassing chat isolation. Affected: apps using VectorStoreChatMemoryAdvisor with conversationId from input. Impact: confidentiali...
PT-2026-35676
In Spring AI, an attacker can bypass conversation isolation and exfiltrate sensitive memory from other users’ chat histories, including secrets and credentials, by injecting filter logic through conversationId. Only applications that use VectorStoreChatMemoryAdvisor and pass user-supplied input a...
PT-2026-34454
Name of the Vulnerable Software and Affected Versions Ollama affected versions not specified Description An out-of-bounds heap read/write issue exists in the GGUF model quantization engine. An attacker can exploit this by uploading a specially crafted GPT-Generated Unified Format GGUF file to the...
MAL-2026-2486 Malicious code in gangomodule (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8117683c90fb188f9fc013b3b3006dc5e31269d2511dd7c80eea9ac7b6892d09 During installation, obfuscated code validates the environment against typical sandboxing signs and attempts to download the next stages from remote sources. T...
EUVD-2012-0976
Malware in sbrugna...
EUVD-2021-13167
Malware in sbrugna...
EUVD-2022-7720
Malicious code in bioql PyPI...
CVE-2025-7028
A vulnerability in the Software SMI handler SwSmiInputValue 0x20 allows a local attacker to supply a crafted pointer FuncBlock through RBX and RCX register values. This pointer is passed unchecked into multiple flash management functions ReadFlash, WriteFlash, EraseFlash, and GetFlashInfo that...
CVE-2023-20518
Incomplete cleanup in the ASP may expose the Master Encryption Key MEK to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality...
CVE-2023-20518
CVE-2023-20518 describes an incomplete cleanup in the AMD Secure Processor (ASP) that could expose the Master Encryption Key (MEK) to a privileged attacker with BIOS/UEFI access, leading to potential confidentiality loss. The vulnerability spans ASP, SEV, and SEV-SNP related firmware; exploitatio...
CVE-2023-20518
Incomplete cleanup in the ASP may expose the Master Encryption Key MEK to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality...
PT-2024-11951 · Asp +1 · Asp +1
Name of the Vulnerable Software and Affected Versions: ASP affected versions not specified Description: The issue is related to incomplete cleanup in the ASP, which may expose the Master Encryption Key MEK to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltrati...
SUSE CVE-2022-46149
Cap'n Proto is a data interchange format and remote procedure call RPC system. Cap'n Proro prior to versions 0.7.1, 0.8.1, 0.9.2, and 0.10.3, as well as versions of Cap'n Proto's Rust implementation prior to 0.13.7, 0.14.11, and 0.15.2 are vulnerable to out-of-bounds read due to logic error...
CVE-2023-20528
Insufficient input validation in the SMU may allow a physical attacker to exfiltrate SMU memory contents over the I2C bus potentially leading to a loss of confidentiality...