Lucene search
+L

669 matches found

Cvelist
Cvelist
added 2026/04/05 1:30 a.m.33 views

CVE-2026-5533 badlogic pi-mono SVG Artifact SvgArtifact.ts cross site scripting

A vulnerability was determined in badlogic pi-mono 0.58.4. The impacted element is an unknown function of the file packages/web-ui/src/tools/artifacts/SvgArtifact.ts of the component SVG Artifact Handler. This manipulation causes cross site scripting. Remote exploitation of the attack is possible...

5.3CVSS0.00269EPSS
Exploits0References4
CVE
CVE
added 2026/04/05 1:30 a.m.12 views

CVE-2026-5533

The CVE-2026-5533 entry concerns badlogic pi-mono 0.58.4. The vulnerability affects the SVG Artifact Handler, specifically the SvgArtifact.ts file under packages/web-ui/src/tools/artifacts. It is caused by manipulation of an unknown function, leading to cross-site scripting. Remote exploitation i...

5.3CVSS4.6AI score0.00269EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.10 views

Mono 代码注入漏洞

Mono is an open-source software platform used for creating .NET cross-platform applications. Version 0.58.4 of Mono contains a code injection vulnerability, which stems from the cross-site scripting found in the file packages/web-ui/src/tools/artifacts/SvgArtifact.ts...

5.3CVSS5.6AI score0.00269EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.8 views

PT-2026-30426

A security vulnerability has been detected in badlogic pi-mono up to 0.58.4. This vulnerability affects the function discoverAndLoadExtensions of the file packages/coding-agent/src/core/extensions/loader.ts. The manipulation leads to code injection. Remote exploitation of the attack is possible...

6.5CVSS6.2AI score0.00291EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.6 views

PT-2026-30404

A vulnerability was determined in badlogic pi-mono 0.58.4. The impacted element is an unknown function of the file packages/web-ui/src/tools/artifacts/SvgArtifact.ts of the component SVG Artifact Handler. This manipulation causes cross site scripting. Remote exploitation of the attack is possible...

5.3CVSS4.6AI score0.00269EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.9 views

PT-2026-30427

A vulnerability was detected in badlogic pi-mono up to 0.58.4. This issue affects some unknown processing of the file packages/mom/src/slack.ts of the component pi-mom Slack Bot. The manipulation results in authentication bypass using alternate channel. The attack can be executed remotely. The...

6.5CVSS6.2AI score0.0036EPSS
Exploits0References5
Snyk
Snyk
added 2026/04/02 9:25 p.m.3 views

Improper Input Validation

Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Improper Input Validation due to inconsistent downmixing behavior in the tomono process. An attacker can manipulate audio inputs to cause the AI mod...

7.1CVSS5.9AI score0.00267EPSS
Exploits0References2
PyPA
PyPA
added 2026/04/02 8:16 p.m.3 views

PYSEC-2026-2299

vLLM is an inference and serving engine for large language models LLMs. From version 0.5.5 to before version 0.18.0, Librosa defaults to using numpy.mean for mono downmixing tomono, while the international standard ITU-R BS.775-4 specifies a weighted downmixing algorithm. This discrepancy results...

7.1CVSS6AI score0.00267EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/04/02 8:16 p.m.4 views

PYSEC-2026-2299

vLLM is an inference and serving engine for large language models LLMs. From version 0.5.5 to before version 0.18.0, Librosa defaults to using numpy.mean for mono downmixing tomono, while the international standard ITU-R BS.775-4 specifies a weighted downmixing algorithm. This discrepancy results...

7.1CVSS6AI score0.00267EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/02 6:59 p.m.1 views

CVE-2026-34760 vLLM: Downmix Implementation Differences as Attack Vectors Against Audio AI Models

vLLM is an inference and serving engine for large language models LLMs. From version 0.5.5 to before version 0.18.0, Librosa defaults to using numpy.mean for mono downmixing tomono, while the international standard ITU-R BS.775-4 specifies a weighted downmixing algorithm. This discrepancy results...

5.9CVSS5.8AI score0.00267EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/02 6:59 p.m.1 views

CVE-2026-34760

vLLM is an inference and serving engine for large language models LLMs. From version 0.5.5 to before version 0.18.0, Librosa defaults to using numpy.mean for mono downmixing tomono, while the international standard ITU-R BS.775-4 specifies a weighted downmixing algorithm. This discrepancy results...

5.9CVSS5.8AI score0.00267EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.8 views

PT-2026-29877

Name of the Vulnerable Software and Affected Versions vLLM versions 0.5.5 through 0.17.999 Description vLLM, an inference and serving engine for large language models LLMs, exhibits an inconsistency in audio processing. Versions 0.5.5 through 0.17.999 utilize numpy.mean for mono downmixing via...

7.1CVSS5.2AI score0.00267EPSS
Exploits0References13
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/18 12:47 p.m.14 views

Malicious code in dotenv-mono-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78e4774845081c77828c11c246f1224738c74e91df84182defb19b32ff6a8757 The package dotenv-mono-cli was found to contain malicious code...

5.8AI score
Exploits0
OSV
OSV
added 2026/03/18 12:47 p.m.2 views

MAL-2026-1712 Malicious code in dotenv-mono-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78e4774845081c77828c11c246f1224738c74e91df84182defb19b32ff6a8757 The package dotenv-mono-cli was found to contain malicious code...

5.8AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2010-4135

Malware in sbrugna...

6.9CVSS6AI score0.00353EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2011-1003

Malware in sbrugna...

6.8CVSS6.1AI score0.02928EPSS
Exploits0References15
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2010-3367

Malware in sbrugna...

6.9CVSS6.2AI score0.00393EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-2504

Malware in sbrugna...

7.5CVSS6.4AI score0.01844EPSS
Exploits1References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-0510

Malware in sbrugna...

4.3CVSS6.4AI score0.15949EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-5057

Malware in sbrugna...

6.2CVSS6.1AI score0.00449EPSS
Exploits0References16
Rows per page
Query Builder