29 matches found
ragas Security Vulnerability
Ragas is an open-source toolkit developed by Vibrant Labs for optimizing and evaluating large language models. Ragas versions 0.4.3 and earlier contained a security vulnerability. This vulnerability stemmed from improper handling of the parameter retrievedcontexts in the...
OpenSSL Toolkit 4.0.0
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 4.0 release...
SoK: Taxonomy and Evaluation of Prompt Security in Large Language Models
Large Language Models (LLMs) have rapidly become integral to real-world applications, powering services across diverse sectors. However, their widespread deployment has exposed critical security risks, particularly through jailbreak prompts that can bypass model alignment and induce harmful outputs...
OpenSSL Toolkit 3.3.5
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.3 release...
OpenSSL Toolkit 3.0.18
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.0 LTS release...
OpenSSL Toolkit 3.5.4
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.5 LTS release...
OpenSSL Toolkit 3.4.3
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.4 release...
New Sni5Gect Attack Crashes Phones and Downgrades 5G to 4G without Rogue Base Station
A team of academics has devised a novel attack that can be used to downgrade a 5G connection to a lower generation without relying on a rogue base station (gNB). The attack, per the ASSET (Automated Systems SEcuriTy) Research Group at the Singapore University of Technology and Design (SUTD), relies on ...
lunary authorization issue vulnerability (CNVD-2025-07598)
lunary is an open source production toolkit for LLMs from lunary. An authorization issue vulnerability exists in lunary that stems from the /bigquery API route lacking proper access control. No detailed vulnerability details are provided at this time...
Unspecified vulnerability in Lunary (CNVD-2025-06939)
Lunary is an open source production toolkit for LLMs from Lunary. A security vulnerability exists in Lunary version be54057 that stems from allowing users to upload and execute arbitrary regular expressions, which can be exploited by an attacker to potentially cause a denial of service...
xmedcon Numeric Error Vulnerability
xmedcon is an open source toolkit for medical image conversion from xmedcon open source. A numeric error vulnerability exists in xmedcon version 0.25.0, which stems from an integer underflow in the malloc function of the DICOM File Handler component...
Lunary Authorization Issue Vulnerability
lunary is an open source production toolkit for LLMs from lunary. An authorization issue vulnerability exists in lunary that stems from the checklists.post endpoint lacking proper privilege validation and can be exploited by an attacker to cause unauthorized creation or modification of checklists...
Lunary Security Vulnerability
lunary is an open source production toolkit for LLMs from lunary. An access control error vulnerability exists in lunary that stems from improper access control on the /prompts/promptid endpoint, and no detailed vulnerability details are provided at this time...
Lunary Access Control Error Vulnerability
Lunary is an open source production toolkit for LLMs from Lunary. Lunary suffers from an access control error vulnerability that originates from the POST /api/v1/data-warehouse/bigquery endpoint lacking proper access control, which can be exploited by an attacker to obtain sensitive information...
Narayana Security Vulnerability
Narayana is an open source transaction toolkit from JBossTM. A security vulnerability exists in Narayana that stems from the LRA Coordinator component causing the application to crash or hang indefinitely, resulting in a denial of service...
lunary SQL Injection Vulnerability
lunary is an open source production toolkit for LLMs from lunary. lunary suffers from a SQL injection vulnerability that stems from the use of sql.unsafe in the ORDER BY clause of a SQL query without prior sanitization. No detailed vulnerability details are provided at this time...
Lunary Elevation of Privilege Vulnerability
lunary is an open source production toolkit for LLMs from lunary. An elevation of privilege vulnerability exists in lunary that stems from a lack of authorization checking and can be exploited by an attacker to delete any dataset...
Lunary Improper Access Control Vulnerability
lunary is an open source production toolkit for LLMs from lunary. An improper access control vulnerability exists in lunary, which can be exploited by an attacker to update any organization user as the organization owner...
Lunary Cross-Site Scripting Vulnerability
lunary is an open source production toolkit for LLMs from lunary. lunary has a cross-site scripting vulnerability that stems from the failure to escape or validate the user-supplied orgId parameter; an attacker can use the vulnerability to steal user cookies or authentication tokens...
lunary Access Control Error Vulnerability
lunary is an open source production toolkit for LLMs from lunary. An access control error vulnerability exists in lunary, which can be exploited by an attacker to cause information disclosure...