Lucene search
K

47 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/27 9:6 p.m.7 views

CVE-2026-28400

Docker Model Runner DMR is software used to manage, run, and deploy AI models using Docker. Versions prior to 1.0.16 expose a POST /engines/configure endpoint that accepts arbitrary runtime flags without authentication. These flags are passed directly to the underlying inference server llama.cpp...

7.5CVSS6.1AI score0.00226EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/27 9:6 p.m.4 views

CVE-2026-28400 Docker Model Runner Unauthenticated Runtime Flag Injection via _configure Endpoint

Docker Model Runner DMR is software used to manage, run, and deploy AI models using Docker. Versions prior to 1.0.16 expose a POST /engines/configure endpoint that accepts arbitrary runtime flags without authentication. These flags are passed directly to the underlying inference server llama.cpp...

7.5CVSS6.1AI score0.00226EPSS
Exploits0References2
EUVD
EUVD
added 2026/02/27 9:6 p.m.8 views

EUVD-2026-9073

Docker Model Runner DMR is software used to manage, run, and deploy AI models using Docker. Versions prior to 1.0.16 expose a POST /engines/configure endpoint that accepts arbitrary runtime flags without authentication. These flags are passed directly to the underlying inference server llama.cpp...

7.5CVSS6.1AI score0.00226EPSS
Exploits0References2
CVE
CVE
added 2026/02/27 9:6 p.m.19 views

CVE-2026-28400

Affected software/versions: Docker Model Runner (DMR) prior to 1.0.16. Vulnerability: POST /engines/_configure accepts arbitrary runtime flags without authentication, forwarded to the inference server (llama.cpp). Impact: via injecting --log-file, an attacker with network access can write/overwri...

7.5CVSS6.1AI score0.00226EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/27 12:0 a.m.9 views

Docker Model Runner 安全漏洞

Docker Model Runner is an open-source Docker model runner developed by Docker. Versions of Docker Model Runner prior to 1.0.16 contained security vulnerabilities. These vulnerabilities stemmed from unvalidated POST endpoints that allowed arbitrary runtime flags to be accepted. This could enable...

7.5CVSS7.3AI score0.00226EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/05 12:0 a.m.10 views

PT-2026-22403

Name of the Vulnerable Software and Affected Versions Docker Model Runner versions prior to 1.0.16 Docker Desktop versions prior to 4.61.0 when Model Runner is enabled Description Docker Model Runner is software used to manage, run, and deploy AI models using Docker. Versions prior to 1.0.16 expo...

7.5CVSS6.1AI score0.00226EPSS
Exploits0References14
Spring Security Advisories
Spring Security Advisories
added 2025/04/15 12:0 a.m.5 views

This Week in Spring - April 15th, 2025

Spring AI M7 is here! This new release includes a bunch of awesome new features! And some refactorings. Notably that the Spring AI auto-configuration has changed from a single monolithic artifact to individual auto-configuration artifacts per model, vector store, and other components. This change...

7.2AI score
Exploits0
Rows per page
Query Builder