270 matches found
CVE-2026-22219
CVE-2026-22219 affects Chainlit
CVE-2026-22219
Chainlit versions prior to 2.9.4 contain a server-side request forgery (SSRF) vulnerability in the /project/element update flow when configured with the SQLAlchemy data layer backend. An authenticated client can provide a user-controlled url value in an Element, which is fetched by the SQLAlchemy...
CVE-2026-23842
ChatterBot is a machine learning, conversational dialog engine for creating chat bots. ChatterBot versions up to 1.2.10 are vulnerable to a denial-of-service condition caused by improper database session and connection pool management. Concurrent invocations of the get_response method can exhaust...
CVE-2026-23842 ChatterBot has Denial of Service via Database Connection Pool Exhaustion
ChatterBot is a machine learning, conversational dialog engine for creating chat bots. ChatterBot versions up to 1.2.10 are vulnerable to a denial-of-service condition caused by improper database session and connection pool management. Concurrent invocations of the get_response method can exhaust...
PT-2026-3483
Name of the Vulnerable Software and Affected Versions: ChatterBot versions up to 1.2.10; ChatterBot version 1.2.11. Description: ChatterBot, a machine learning conversational dialog engine, is susceptible to a denial-of-service condition. This occurs due to improper management of database sessions an...
PT-2026-3516
Name of the Vulnerable Software and Affected Versions: Chainlit versions prior to 2.9.4. Description: Chainlit versions prior to 2.9.4 have a server-side request forgery (SSRF) issue in the /project/element update flow when using the SQLAlchemy data layer backend. An authenticated client can control t...
blacksheep-sqlalchemy (=0.0.3), shapelets-platform (>=2.0.40 <=2.2.5) +2 more potentially affected by CVE-2026-22779 via blacksheep (>=1.2.18 <=2.0.8)
blacksheep PYPI version =1.2.18, =2.0.40, =2.2.5 - shapelets-rec-server =0.1.0.dev1 - sheepcord =0.1.0 Source cves: CVE-2026-22779 Source advisory: OSV:GHSA-6PW3-H7XF-X4GP...
MiracleLinux 4 : python-sqlalchemy-0.5.5-3.AXS4 (AXSA:2012-366:01)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2012-366:01 advisory. SQLAlchemy is an Object Relational Mapper (ORM) that provides a flexible, high-level interface to SQL databases. Database and domain concepts are decoupled,...
CVE-2024-34715
Fides is an open-source privacy engineering platform. The Fides webserver requires a connection to a hosted PostgreSQL database for persistent storage of application data. If the password used by the webserver for this database connection includes special characters such as @ and $, webserver...
Exploit for SQL Injection in Sqlalchemy
What Part A - Prereqs - hud cli - Docker Part A - Setu...
EUVD-2019-0133
Malware in sbrugna...
EUVD-2019-0134
Malware in sbrugna...
EUVD-2012-0028
Malware in sbrugna...
EUVD-2024-1520
Malicious code in bioql PyPI...
EUVD-2022-0149
Malicious code in bioql PyPI...
Alibaba Cloud Linux 3 : 0057: python-mako (ALINUX3-SA-2023:0057)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0057 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-40023: Sqlalchemy mako before 1.2.2 is...
Linux Distros Unpatched Vulnerability : CVE-2019-7548
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled. CVE-2019-7548 Note that Nessus relies on the presence of the package as report...
Linux Distros Unpatched Vulnerability : CVE-2019-7164
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter. CVE-2019-7164 Note that Nessus relies on the presence of the...