EUVD-2026-25394

The BetterDocs plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 4.3.11. This is due to a missing capability check in the generateopenaicontentcallback function, which relies solely on a nonce rather than verifying user permissions. This makes it possible...

CVE-2026-6393 BetterDocs <= 4.3.11 - Missing Authorization to Authenticated (Subscriber+) Unauthorized AI API Usage

The BetterDocs plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 4.3.11. This is due to a missing capability check in the generateopenaicontentcallback function, which relies solely on a nonce rather than verifying user permissions. This makes it possible...

CVE-2026-6393

The CVE concerns the WordPress plugin BetterDocs (versions up to and including 4.3.11). The vulnerability lies in the function generate_openai_content_callback() , which lacks proper permission checks and relies on a nonce, allowing authenticated attackers with subscriber-level access or higher t...

CVE-2026-6393

The BetterDocs plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 4.3.11. This is due to a missing capability check in the generateopenaicontentcallback function, which relies solely on a nonce rather than verifying user permissions. This makes it possible...

LangChain 代码问题漏洞

LangChain is an open-source framework developed by LangChain for creating applications powered by large language models LLMs. Versions of LangChain prior to 1.1.14 contained code vulnerabilities. These vulnerabilities stemmed from the urltosize helper function in langchain-openai, which, after...

PT-2026-35087

Name of the Vulnerable Software and Affected Versions langchain-openai versions prior to 1.1.14 Description The url to size helper function, utilized by get num tokens from messages for image token counting, contains a Time-of-Check to Time-of-Use TOCTOU flaw. The function validates URLs for...

WordPress plugin BetterDocs 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

PT-2026-34851

The BetterDocs plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 4.3.11. This is due to a missing capability check in the generate openai content callback function, which relies solely on a nonce rather than verifying user permissions. This makes it...

CVE-2026-41279

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the text-to-speech generation endpoint POST /api/v1/text-to-speech/generate is whitelisted no auth and accepts a credentialId directly in the request body. When called without a chatflowId, th...

Involuntary In-Context Learning: Exploiting Few-Shot Pattern Completion to Bypass Safety Alignment in GPT-5.4

Safety alignment in large language models relies on behavioral training that can be overridden when sufficiently strong in-context patterns compete with learned refusal behaviors. We introduce Involuntary In-Context Learning IICL, an attack class that uses abstract operator framing with few-shot...

EUVD-2026-23807

A flaw has been found in langgenius dify up to 1.13.3. This issue affects the function parseopenaipluginjsontotoolbundle of the file api/core/tools/utils/parser.py of the component ApiBasedToolSchemaParser. Executing a manipulation of the argument url can lead to server-side request forgery. The...

CVE-2026-6618

Summary (CVE-2026-6618): A flaw in langgenius dify up to 1.13.3 affects the component ApiBasedToolSchemaParser, specifically parse_openai_plugin_json_to_tool_bundle in api/core/tools/utils/parser.py. The issue allows an attacker to manipulate the argument url to trigger a server-side request forg...

CVE-2026-6618 langgenius dify ApiBasedToolSchemaParser parser.py parse_openai_plugin_json_to_tool_bundle server-side request forgery

A flaw has been found in langgenius dify up to 1.13.3. This issue affects the function parseopenaipluginjsontotoolbundle of the file api/core/tools/utils/parser.py of the component ApiBasedToolSchemaParser. Executing a manipulation of the argument url can lead to server-side request forgery. The...

AgentScope vulnerable to Server-Side Request Forgery

A vulnerability was identified in modelscope agentscope up to 1.0.18. Affected by this issue is the function parseurl/prepareimage/openaiaudiototext of the file src/agentscope/tool/multimodality/openaitools.py of the component Cloud Metadata Endpoint. Such manipulation of the argument...

EUVD-2026-23773

A vulnerability was identified in modelscope agentscope up to 1.0.18. Affected by this issue is the function parseurl/prepareimage/openaiaudiototext of the file src/agentscope/tool/multimodality/openaitools.py of the component Cloud Metadata Endpoint. Such manipulation of the argument...

GHSA-659X-HM75-HPV7 AgentScope vulnerable to Server-Side Request Forgery

A vulnerability was identified in modelscope agentscope up to 1.0.18. Affected by this issue is the function parseurl/prepareimage/openaiaudiototext of the file src/agentscope/tool/multimodality/openaitools.py of the component Cloud Metadata Endpoint. Such manipulation of the argument...

CVE-2026-6604 modelscope agentscope Cloud Metadata Endpoint _openai_tools.py openai_audio_to_text server-side request forgery

A vulnerability was identified in modelscope agentscope up to 1.0.18. Affected by this issue is the function parseurl/prepareimage/openaiaudiototext of the file src/agentscope/tool/multimodality/openaitools.py of the component Cloud Metadata Endpoint. Such manipulation of the argument...

CVE-2026-6604

The CVE-2026-6604 entry affects modelscope agentscope up to version 1.0.18, specifically the Cloud Metadata Endpoint’s _openai_tools.py functions _parse_url, prepare_image, and openai_audio_to_text. The vulnerability arises from manipulating image_url/audio_file_url, enabling server-side request ...

PT-2026-33710

A vulnerability was identified in modelscope agentscope up to 1.0.18. Affected by this issue is the function parse url/prepare image/openai audio to text of the file src/agentscope/tool/ multi modality/ openai tools.py of the component Cloud Metadata Endpoint. Such manipulation of the argument...

PT-2026-33733

A flaw has been found in langgenius dify up to 1.13.3. This issue affects the function parse openai plugin json to tool bundle of the file api/core/tools/utils/parser.py of the component ApiBasedToolSchemaParser. Executing a manipulation of the argument url can lead to server-side request forgery...