9 matches found
CVE-2026-42203
A flaw was found in LiteLLM, an AI Gateway. An authenticated user could exploit this by sending a crafted prompt template to the POST /prompts/test endpoint. The endpoint rendered user-supplied prompt templates without proper sandboxing. This could lead to arbitrary code execution within the...
LiteLLM has a sandbox escape in custom-code guardrail
Impact: The POST /guardrails/testcustomcode endpoint runs user-supplied Python inside a hand-rolled sandbox. The sandbox can be escaped using bytecode-level techniques, allowing arbitrary code execution in the proxy process — which runs as root in the default Docker image. Reaching the endpoint...
EUVD-2025-176947
Malicious code in proxy-process-rho-chi-web npm...
EUVD-2020-13006
Malware in sbrugna...
Fortinet Fortigate Webproxy process DoS (FG-IR-23-184)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-184 advisory. - A use-after-free vulnerability (CWE-416) in FortiOS version 7.2.0 through 7.2.4 and version 7.0.0 through 7.0.10 and FortiPro...
PT-2021-24230 · Avast · Avast Antivirus
Name of the Vulnerable Software and Affected Versions: Avast Antivirus versions prior to 20.8 Description: A privilege escalation issue exists in the Self-Defense driver of Avast Antivirus, allowing a local user with SYSTEM privileges to gain elevated privileges. This is achieved by "hollowing" t...
Cisco Web Security Appliance HTTP URL Denial of Service Vulnerability
A vulnerability in HTTP URL parsing of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) vulnerability due to the proxy process unexpectedly restarting. The vulnerability is due to improper input validation of the...
Cisco Web Security Appliance HTTP Length Denial of Service Vulnerability
A vulnerability in HTTP request parsing in Cisco AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the proxy process unexpectedly restarts. The vulnerability occurs because the affected software does no...
Internet Explorer EPM sandbox out vulnerability analysis CVE-2014-6350 - a vulnerability warning - the black bar safety net
0x00 Preface Author: James Forshaw Original: link This month Microsoft fixed 3 different IE enhanced protected mode (EPM) sandbox out of vulnerabilities by me (the original author, the same below) at 8 months of disclosure. The Sandbox is Project Zero I also participated in the most major concern the...