669 matches found
CVE-2026-5533 badlogic pi-mono SVG Artifact SvgArtifact.ts cross site scripting
A vulnerability was determined in badlogic pi-mono 0.58.4. The impacted element is an unknown function of the file packages/web-ui/src/tools/artifacts/SvgArtifact.ts of the component SVG Artifact Handler. This manipulation causes cross site scripting. Remote exploitation of the attack is possible...
CVE-2026-5533
The CVE-2026-5533 entry concerns badlogic pi-mono 0.58.4. The vulnerability affects the SVG Artifact Handler, specifically the SvgArtifact.ts file under packages/web-ui/src/tools/artifacts. It is caused by manipulation of an unknown function, leading to cross-site scripting. Remote exploitation i...
Mono 代码注入漏洞
Mono is an open-source software platform used for creating .NET cross-platform applications. Version 0.58.4 of Mono contains a code injection vulnerability, which stems from the cross-site scripting found in the file packages/web-ui/src/tools/artifacts/SvgArtifact.ts...
PT-2026-30426
A security vulnerability has been detected in badlogic pi-mono up to 0.58.4. This vulnerability affects the function discoverAndLoadExtensions of the file packages/coding-agent/src/core/extensions/loader.ts. The manipulation leads to code injection. Remote exploitation of the attack is possible...
PT-2026-30404
A vulnerability was determined in badlogic pi-mono 0.58.4. The impacted element is an unknown function of the file packages/web-ui/src/tools/artifacts/SvgArtifact.ts of the component SVG Artifact Handler. This manipulation causes cross site scripting. Remote exploitation of the attack is possible...
PT-2026-30427
A vulnerability was detected in badlogic pi-mono up to 0.58.4. This issue affects some unknown processing of the file packages/mom/src/slack.ts of the component pi-mom Slack Bot. The manipulation results in authentication bypass using alternate channel. The attack can be executed remotely. The...
Improper Input Validation
Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Improper Input Validation due to inconsistent downmixing behavior in the tomono process. An attacker can manipulate audio inputs to cause the AI mod...
PYSEC-2026-2299
vLLM is an inference and serving engine for large language models LLMs. From version 0.5.5 to before version 0.18.0, Librosa defaults to using numpy.mean for mono downmixing tomono, while the international standard ITU-R BS.775-4 specifies a weighted downmixing algorithm. This discrepancy results...
PYSEC-2026-2299
vLLM is an inference and serving engine for large language models LLMs. From version 0.5.5 to before version 0.18.0, Librosa defaults to using numpy.mean for mono downmixing tomono, while the international standard ITU-R BS.775-4 specifies a weighted downmixing algorithm. This discrepancy results...
CVE-2026-34760 vLLM: Downmix Implementation Differences as Attack Vectors Against Audio AI Models
vLLM is an inference and serving engine for large language models LLMs. From version 0.5.5 to before version 0.18.0, Librosa defaults to using numpy.mean for mono downmixing tomono, while the international standard ITU-R BS.775-4 specifies a weighted downmixing algorithm. This discrepancy results...
CVE-2026-34760
vLLM is an inference and serving engine for large language models LLMs. From version 0.5.5 to before version 0.18.0, Librosa defaults to using numpy.mean for mono downmixing tomono, while the international standard ITU-R BS.775-4 specifies a weighted downmixing algorithm. This discrepancy results...
PT-2026-29877
Name of the Vulnerable Software and Affected Versions vLLM versions 0.5.5 through 0.17.999 Description vLLM, an inference and serving engine for large language models LLMs, exhibits an inconsistency in audio processing. Versions 0.5.5 through 0.17.999 utilize numpy.mean for mono downmixing via...
Malicious code in dotenv-mono-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78e4774845081c77828c11c246f1224738c74e91df84182defb19b32ff6a8757 The package dotenv-mono-cli was found to contain malicious code...
MAL-2026-1712 Malicious code in dotenv-mono-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78e4774845081c77828c11c246f1224738c74e91df84182defb19b32ff6a8757 The package dotenv-mono-cli was found to contain malicious code...
EUVD-2010-4135
Malware in sbrugna...
EUVD-2011-1003
Malware in sbrugna...
EUVD-2010-3367
Malware in sbrugna...
EUVD-2006-2504
Malware in sbrugna...
EUVD-2005-0510
Malware in sbrugna...
EUVD-2006-5057
Malware in sbrugna...