PT-2026-2997

Name of the Vulnerable Software and Affected Versions versions prior to 2.3 Description An attacker with low privileges may be able to trigger critical system functions such as reboot or factory reset without proper restrictions, potentially leading to service disruption or loss of configuration...

CVE-2025-69222 LibreChat is vulnerable to Server-Side Request Forgery due to missing restrictions

LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 is prone to a server-side request forgery SSRF vulnerability due to missing restrictions of the Actions feature in the default configuration. LibreChat enables users to configure agents with predefined instructions and actio...

CVE-2025-69222 LibreChat is vulnerable to Server-Side Request Forgery due to missing restrictions

LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 is prone to a server-side request forgery SSRF vulnerability due to missing restrictions of the Actions feature in the default configuration. LibreChat enables users to configure agents with predefined instructions and actio...

EUVD-2025-206260

LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 is prone to a server-side request forgery SSRF vulnerability due to missing restrictions of the Actions feature in the default configuration. LibreChat enables users to configure agents with predefined instructions and actio...

CVE-2025-0645 Arbitrary File Upload in Narkom Communication Technologies' Pyxis Signage

Unrestricted Upload of File with Dangerous Type vulnerability in Narkom Communication and Software Technologies Trade Ltd. Co. Pyxis Signage allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Pyxis Signage: through 31012025...

CVE-2023-1749

The listed versions of Nexx Smart Home devices lack proper access control when executing actions. An attacker with a valid NexxHome deviceId could send API requests that the affected devices would execute...

Gentoo Security Advisory GLSA 200501-16 (Konqueror, kde, kdelibs)

The remote host is missing updates announced in advisory GLSA 200501-16. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...