Lucene search

117 matches found

EUVD
added 2026/03/16 6:32 p.m., 18 views

EUVD-2026-12454

LibreChat RAG API, version 0.7.0, contains a log-injection vulnerability that allows attackers to forge log entries...

5.8 AI score, 0.00277 EPSS
Exploits: 0, References: 3
CNNVD
added 2026/03/16 12:0 a.m., 11 views

LibreChat RAG API security vulnerability

LibreChat RAG API is an open-source interface service for building retrieval-enhanced generation capabilities in LibreChat. Version 0.7.0 of the LibreChat RAG API contains a security vulnerability, which stems from log injection, potentially allowing attackers to forge log entries...

7.5 CVSS, 6 AI score, 0.00277 EPSS
Exploits: 0, References: 2
Packet Storm News
added 2026/03/05 12:0 a.m., 5 views

SecureRAG-RTL: A Retrieval-Augmented, Multi-Agent, Zero-Shot LLM-Driven Framework for Hardware Vulnerability Detection

Large language models (LLMs) have shown remarkable capabilities in natural language processing tasks, yet their application in hardware security verification remains limited due to scarcity of publicly available hardware description language (HDL) datasets. This knowledge gap constrains LLM performan...

5.8 AI score
Exploits: 0
GithubExploit
added 2026/02/24 6:25 p.m., 172 views

ai-security-toolkit

...

5.9 AI score
Exploits: 0
Spring Security Advisories
added 2026/02/24 12:0 a.m., 7 views

This Week in Spring - February 24th, 2026

Hi, Spring fans! Welcome to another awesome and oh-so-agentic week in Spring! We've got a ton to look into, and I've got even more to prepare for next week's DevNexus event in Atlanta, GA, so let's dive right into it! Be sure to say "hi" if you're going to be there, though! You've heard of Agent...

5.5 AI score
Exploits: 0
EUVD
added 2026/02/16 12:30 p.m., 7 views

EUVD-2026-6091

A weakness has been identified in JeecgBoot 3.9.1. This vulnerability affects the function importDocumentFromZip of the file org/jeecg/modules/airag/llm/controller/AiragKnowledgeController.java of the component Retrieval-Augmented Generation. Executing a manipulation can lead to deserialization...

7.5 CVSS, 5.1 AI score, 0.00477 EPSS
Exploits: 2, References: 10
NVD
added 2026/02/16 12:16 p.m., 5 views

CVE-2026-2555

A weakness has been identified in JeecgBoot 3.9.1. This vulnerability affects the function importDocumentFromZip of the file org/jeecg/modules/airag/llm/controller/AiragKnowledgeController.java of the component Retrieval-Augmented Generation. Executing a manipulation can lead to deserialization...

7.5 CVSS, 0.0031 EPSS
Exploits: 1, References: 5
Vulnrichment
added 2026/02/16 12:2 p.m., 3 views

CVE-2026-2555 JeecgBoot Retrieval-Augmented Generation AiragKnowledgeController.java importDocumentFromZip deserialization

A weakness has been identified in JeecgBoot 3.9.1. This vulnerability affects the function importDocumentFromZip of the file org/jeecg/modules/airag/llm/controller/AiragKnowledgeController.java of the component Retrieval-Augmented Generation. Executing a manipulation can lead to deserialization...

5 CVSS, 5.1 AI score, 0.0031 EPSS
Exploits: 1, References: 5
ATTACKERKB
added 2026/02/16 12:2 p.m., 5 views

CVE-2026-2555

A weakness has been identified in JeecgBoot 3.9.1. This vulnerability affects the function importDocumentFromZip of the file org/jeecg/modules/airag/llm/controller/AiragKnowledgeController.java of the component Retrieval-Augmented Generation. Executing a manipulation can lead to deserialization...

5 CVSS, 5.1 AI score, 0.0031 EPSS
Exploits: 1, References: 6
NVD
added 2026/02/07 9:15 p.m., 8 views

CVE-2026-2111

A weakness has been identified in JeecgBoot up to 3.9.0. Affected by this issue is some unknown functionality of the file /airag/knowledge/doc/edit of the component Retrieval-Augmented Generation Module. Executing a manipulation of the argument filePath can lead to path traversal. The attack can ...

5.3 CVSS, 0.00517 EPSS
Exploits: 1, References: 4
OSV
added 2026/02/07 9:15 p.m., 2 views

CVE-2026-2111

A weakness has been identified in JeecgBoot up to 3.9.0. Affected by this issue is some unknown functionality of the file /airag/knowledge/doc/edit of the component Retrieval-Augmented Generation Module. Executing a manipulation of the argument filePath can lead to path traversal. The attack can ...

4.3 CVSS, 5.5 AI score
Exploits: 0, References: 4
Vulnrichment
added 2026/02/07 8:32 p.m., 5 views

CVE-2026-2111 JeecgBoot Retrieval-Augmented Generation edit path traversal

A weakness has been identified in JeecgBoot up to 3.9.0. Affected by this issue is some unknown functionality of the file /airag/knowledge/doc/edit of the component Retrieval-Augmented Generation Module. Executing a manipulation of the argument filePath can lead to path traversal. The attack can ...

5.3 CVSS, 5.2 AI score, 0.00517 EPSS
Exploits: 1, References: 4
EUVD
added 2026/02/07 8:32 p.m., 7 views

EUVD-2026-5716

A weakness has been identified in JeecgBoot up to 3.9.0. Affected by this issue is some unknown functionality of the file /airag/knowledge/doc/edit of the component Retrieval-Augmented Generation Module. Executing a manipulation of the argument filePath can lead to path traversal. The attack can ...

5.3 CVSS, 5.1 AI score, 0.00517 EPSS
Exploits: 1, References: 4
CVE
added 2026/02/07 8:32 p.m., 16 views

CVE-2026-2111

JeecgBoot

5.3 CVSS, 4.9 AI score, 0.00517 EPSS
Exploits: 1, References: 4, Affected Software: 1
CNNVD
added 2026/02/07 12:0 a.m., 9 views

JeecgBoot path traversal vulnerability

JeecgBoot is a Java low-code platform developed by Jeecg Corporation, designed for enterprise web applications. JeecgBoot versions 3.9.0 and earlier contained a path traversal vulnerability. This vulnerability stemmed from incorrect handling of the parameter “filePath” in the Component...

5.3 CVSS, 5.8 AI score, 0.00517 EPSS
Exploits: 1, References: 5
Packet Storm News
added 2026/02/05 12:0 a.m., 5 views

Persistent Human Feedback, LLMs, and Static Analyzers for Secure Code Generation and Vulnerability Detection

Existing literature heavily relies on static analysis tools to evaluate LLMs for secure code generation and vulnerability detection. We reviewed 1,080 LLM-generated code samples, built a human-validated ground-truth, and compared the outputs of two widely used static security tools, CodeQL and...

5.5 AI score
Exploits: 0
Packet Storm News
added 2026/01/28 12:0 a.m., 3 views

User-Centric Phishing Detection: A RAG and LLM-Based Approach

The escalating sophistication of phishing emails necessitates a shift beyond traditional rule-based and conventional machine-learning-based detectors. Although large language models (LLMs) offer strong natural language understanding, using them as standalone classifiers often yields elevated...

5.9 AI score
Exploits: 0
Packet Storm News
added 2026/01/21 12:0 a.m., 5 views

Lightweight LLMs for Network Attack Detection in IoT Networks

The rapid growth of Internet of Things (IoT) devices has increased the scale and diversity of cyberattacks, exposing limitations in traditional intrusion detection systems. Classical machine learning (ML) models such as Random Forest and Support Vector Machine perform well on known attacks but requir...

5.5 AI score
Exploits: 0
Packet Storm News
added 2026/01/20 12:0 a.m., 4 views

Rethinking On-Device LLM Reasoning: Why Analogical Mapping Outperforms Abstract Thinking for IoT DDoS Detection

The rapid expansion of IoT deployments has intensified cybersecurity threats, notably Distributed Denial of Service (DDoS) attacks, characterized by increasingly sophisticated patterns. Leveraging Generative AI through On-Device Large Language Models (ODLLMs) provides a viable solution for real-time...

5.4 AI score
Exploits: 0
Packet Storm News
added 2026/01/01 12:0 a.m., 7 views

An Empirical Evaluation of LLM-Based Approaches for Code Vulnerability Detection: RAG, SFT, and Dual-Agent Systems

The rapid advancement of Large Language Models (LLMs) presents new opportunities for automated software vulnerability detection, a crucial task in securing modern codebases. This paper presents a comparative study on the effectiveness of LLM-based techniques for detecting software vulnerabilities...

7.2 AI score
Exploits: 0