13 matches found
adpred (=1.3.2), bacpipe (>=1.2.0 <=1.3.2.dev0) +18 more potentially affected by CVE-2026-0897 via keras (>=3.0.0 <=3.13.0)
keras PYPI version =3.0.0, =1.2.0, =0.1.0, =0.0.4, =0.4.7, =1.0.3, =0.0.28, =0.2.0, =2.4.0, =3.14.3, =0.1.0, =0.1.1, =0.1.6 and more Source cves: CVE-2026-0897 Source advisory: OSV:PYSEC-2026-73...
EUVD-2025-11897
Malicious code in bioql PyPI...
CVE-2025-32377
Rasa Pro is a framework for building scalable, dynamic conversational AI assistants that integrate large language models LLMs. A vulnerability has been identified in Rasa Pro where voice connectors in Rasa Pro do not properly implement authentication even when a token is configured in the...
CVE-2025-32377
Rasa Pro is a framework for building scalable, dynamic conversational AI assistants that integrate large language models LLMs. A vulnerability has been identified in Rasa Pro where voice connectors in Rasa Pro do not properly implement authentication even when a token is configured in the...
CVE-2025-32377 Rasa Pro Missing Authentication For Voice Connector APIs
Rasa Pro is a framework for building scalable, dynamic conversational AI assistants that integrate large language models LLMs. A vulnerability has been identified in Rasa Pro where voice connectors in Rasa Pro do not properly implement authentication even when a token is configured in the...
CVE-2025-32377 Rasa Pro Missing Authentication For Voice Connector APIs
Rasa Pro is a framework for building scalable, dynamic conversational AI assistants that integrate large language models LLMs. A vulnerability has been identified in Rasa Pro where voice connectors in Rasa Pro do not properly implement authentication even when a token is configured in the...
CVE-2025-32377 Rasa Pro Missing Authentication For Voice Connector APIs
Rasa Pro is a framework for building scalable, dynamic conversational AI assistants that integrate large language models LLMs. A vulnerability has been identified in Rasa Pro where voice connectors in Rasa Pro do not properly implement authentication even when a token is configured in the...
CVE-2025-32377
CVE-2025-32377 involves Rasa Pro voice connectors that fail to enforce authentication even when a token is configured in credentials.yml. The issue allows submitting voice data from unauthenticated sources via affected connectors. The fixed releases apply to audiocodes, audiocodes_stream, and gen...
Rasa Pro 访问控制错误漏洞
Rasa Pro is a specialized code component of Rasa Platform, an enterprise solution from Rasa, for implementing resilient and trusted AI assistants at scale. An access control error vulnerability exists in Rasa Pro that stems from the voice connector not properly implementing authentication, which...
Rasa Pro Missing Authentication For Voice Connector APIs
Vulnerability A vulnerability has been identified in Rasa Pro where voice connectors in Rasa Pro do not properly implement authentication even when a token is configured in the credentials.yml file. This could allow an attacker to submit voice data to the Rasa Pro assistant from an unauthenticate...
GHSA-7XQ5-54JP-2MFG Rasa Pro Missing Authentication For Voice Connector APIs
Vulnerability A vulnerability has been identified in Rasa Pro where voice connectors in Rasa Pro do not properly implement authentication even when a token is configured in the credentials.yml file. This could allow an attacker to submit voice data to the Rasa Pro assistant from an unauthenticate...
PT-2025-17344 · Rasa · Rasa Pro
Name of the Vulnerable Software and Affected Versions: Rasa Pro versions prior to 3.9.20 Rasa Pro versions prior to 3.10.19 Rasa Pro versions prior to 3.11.7 Rasa Pro versions prior to 3.12.6 Description: A vulnerability has been identified in Rasa Pro where voice connectors do not properly...
Deserialization of Untrusted Data
Overview rasa-pro is a State-of-the-art open-core Conversational AI framework for Enterprises that natively leverages generative AI for effortless assistant development. Affected versions of this package are vulnerable to Deserialization of Untrusted Data by loading a maliciously crafted model in...