
6428 matches found

RedhatCVE
added 2026/06/09 2:58 a.m. | 17 views

CVE-2026-11465

A security flaw has been discovered in songquanpeng one-api up to 0.6.11-preview.7. Affected by this issue is the function Redeem of the file model/redemption.go of the component Redemption Code Top-Up Endpoint. The manipulation results in business logic errors. The attack may be launched remotel...

CVSS: 3.1 | AI score: 4.6 | EPSS: 0.0022
Exploits: 0 | References: 1

GithubExploit
added 2026/06/08 10:43 a.m. | 67 views

OWASP_Top10_Web_Pentest

🔓 Week 04 — Web Application Penetration Testing OWASP Top 10...

AI score: 5.8
Exploits: 0

HackRead
added 2026/06/08 10:17 a.m. | 17 views

Instagram Glitch Reportedly Exposed Contact Info of Zuckerberg and Other Users

Instagram glitch exposed Mark Zuckerberg’s email addresses and phone number, plus contact details of other top users, through a password reset flaw...

AI score: 5.5
Exploits: 0

EUVD
added 2026/06/08 12:30 a.m. | 11 views

EUVD-2026-34996

A security flaw has been discovered in songquanpeng one-api up to 0.6.11-preview.7. Affected by this issue is the function Redeem of the file model/redemption.go of the component Redemption Code Top-Up Endpoint. The manipulation results in business logic errors. The attack may be launched remotel...

CVSS: 3.1 | AI score: 4.8 | EPSS: 0.0022
Exploits: 0 | References: 8

Packet Storm News
added 2026/06/08 12:0 a.m. | 7 views

Security-First Approach to API Pipeline Development with Zero-Trust Architecture

Modern enterprises face an accelerating onslaught of API-targeted threats amid a rapidly expanding attack surface. Record volumes of software vulnerabilities continue to accelerate dramatically, with 28,818 CVEs disclosed in 2023, a 38% jump from 2022, and 40,009 CVEs in 2024, another 38% increase,...

AI score: 5.6
Exploits: 0

NVD
added 2026/06/07 11:16 p.m. | 10 views

CVE-2026-11465

A security flaw has been discovered in songquanpeng one-api up to 0.6.11-preview.7. Affected by this issue is the function Redeem of the file model/redemption.go of the component Redemption Code Top-Up Endpoint. The manipulation results in business logic errors. The attack may be launched remotel...

CVSS: 3.1 | EPSS: 0.0022
Exploits: 0 | References: 7

Cvelist
added 2026/06/07 10:45 p.m. | 28 views

CVE-2026-11465 songquanpeng one-api Redemption Code Top-Up Endpoint redemption.go Redeem logic error

A security flaw has been discovered in songquanpeng one-api up to 0.6.11-preview.7. Affected by this issue is the function Redeem of the file model/redemption.go of the component Redemption Code Top-Up Endpoint. The manipulation results in business logic errors. The attack may be launched remotel...

CVSS: 3.1 | EPSS: 0.0022
Exploits: 0 | References: 7

Vulnrichment
added 2026/06/07 10:45 p.m. | 9 views

CVE-2026-11465 songquanpeng one-api Redemption Code Top-Up Endpoint redemption.go Redeem logic error

A security flaw has been discovered in songquanpeng one-api up to 0.6.11-preview.7. Affected by this issue is the function Redeem of the file model/redemption.go of the component Redemption Code Top-Up Endpoint. The manipulation results in business logic errors. The attack may be launched remotel...

CVSS: 3.1 | AI score: 4.6 | EPSS: 0.0022
Exploits: 0 | References: 7

CVE
added 2026/06/07 10:45 p.m. | 37 views

CVE-2026-11465

CVE-2026-11465 affects songquanpeng’s one-api (up to 0.6.11-preview.7). The issue is in the Redemption Code Top-Up Endpoint, specifically the function Redeem in file model/redemption.go, where manipulation leads to business logic errors. Reported as exploitable remotely with high complexity and l...

CVSS: 3.1 | AI score: 4.7 | EPSS: 0.0022
Exploits: 0 | References: 7

CNNVD
added 2026/06/07 12:0 a.m. | 11 views

One API Security Vulnerability

One API is an LLM API management and distribution system developed by JustSong’s developers. Versions of One API prior to 0.6.11-preview.7 contained a security vulnerability. This vulnerability stemmed from a function issue in the Redemption Code Top-Up Endpoint component’s model/redemption.go...

CVSS: 3.1 | AI score: 4.8 | EPSS: 0.0022
Exploits: 0 | References: 7

Positive Technologies
added 2026/06/07 12:0 a.m. | 17 views

PT-2026-47196

Name of the Vulnerable Software and Affected Versions: songquanpeng one-api versions prior to 0.6.11-preview.7. Description: A business logic error exists in the Redemption Code Top-Up Endpoint. The issue is located within the Redeem function of the model/redemption.go file. This flaw allows for...

CVSS: 3.1 | AI score: 5.2 | EPSS: 0.0022
Exploits: 0 | References: 10

RedhatCVE
added 2026/06/05 7:47 p.m. | 8 views

CVE-2026-45403

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, the AnythingLLM agent filesystem copy tool validates only the top-level source and destination paths. The recursive copy helper then descends into child...

CVSS: 2.5 | AI score: 5.4 | EPSS: 0.00193
Exploits: 1 | References: 1

RedhatCVE
added 2026/06/05 7:12 p.m. | 9 views

CVE-2026-44548

ChurchCRM is an open-source church management system. Prior to 7.3.2, top-level cross-site GET navigation from an attacker-controlled page to FundRaiserDelete.php, PropertyTypeDelete.php, or NoteDelete.php causes a logged-in ChurchCRM user with the relevant role to silently delete records,...

CVSS: 8.1 | AI score: 5.3 | EPSS: 0.0012
Exploits: 0 | References: 1

RedhatCVE
added 2026/06/05 6:48 p.m. | 9 views

CVE-2024-36343

Improper input validation in the System Management Mode (SMM) communications buffer could allow a privileged attacker to perform an out of bounds read or write to a limited section of the Top of Memory Segment (TSEG) memory region, potentially resulting in loss of confidentiality or integrity...

CVSS: 4.6 | AI score: 5.7 | EPSS: 0.00186
Exploits: 0 | References: 1

Packet Storm News
added 2026/06/03 12:0 a.m. | 13 views

Prioritization of Risks from Artificial Intelligence: A Delphi Study of 272 International Experts

Artificial intelligence poses many risks, ranging from familiar present-day harms to unprecedented and potentially catastrophic ones. Effective risk management requires prioritization: we must understand which risks are most severe, who is most vulnerable, and who is most responsible for addressi...

AI score: 5.8
Exploits: 0

GithubExploit
added 2026/06/01 9:25 a.m. | 89 views

bastion-waf-simulator

BASTION — Web Application Firewall Simulator A real-time We...

AI score: 6
Exploits: 0

Packet Storm News
added 2026/06/01 12:0 a.m. | 10 views

Quantum Resonance Encryption for Secure Data Storage and Communication with Quantum Kicked Top

In a shared quantum computer, how to ensure data privacy and protection from access by unauthorized parties? We propose a genuine quantum protocol for protecting user's data which is not accessible even to the service provider. The protocol is based on quantum kicked top -- the dynamics of a spin...

AI score: 5.8
Exploits: 0

OSV
added 2026/05/29 1:34 p.m. | 10 views

OESA-2026-2487 jq security update

jq is a lightweight and flexible command-line JSON processor. You can use it to slice and filter and map and transform structured data. It is written in portable C, and it has zero runtime dependencies. It can mangle the data format that you have into the one that you want. Security Fixes: jq is ...

CVSS: 7.3 | AI score: 6 | EPSS: 0.00161
Exploits: 7 | References: 8

Tenable Nessus
added 2026/05/29 12:0 a.m. | 13 views

ImageMagick < 6.9.13-48 / 7.x < 7.1.2-22 Vulnerability

The remote host has a version of ImageMagick installed that is prior to 6.9.13-48 or 7.x prior to 7.1.2-22. It is, therefore, affected by a vulnerability. — An invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation...

CVSS: 7.1 | AI score: 6 | EPSS: 0.00122
Exploits: 0 | References: 2

Positive Technologies
added 2026/05/29 12:0 a.m. | 12 views

PT-2026-45040

Summary: modules/documents-files.php mode file rename save shares the same root-cause shape as the cross-folder move bug 05-documents-cross-folder-move-idor.md: the top-level rights check at lines 79-89 validates hasUploadRight on the URL parameter folder uuid, but the rename operation acts on fil...

CVSS: 6.5 | AI score: 5.8 | EPSS: 0.00029
Exploits: 0 | References: 3