Lucene search
K

7 matches found

PyPA
PyPA
added 2026/06/05 8:17 p.m.9 views

PYSEC-2026-206

Guardrails AI is a Python framework that helps build AI applications. On May 11, 2026 at approximately 6:00 PM Pacific, an attacker published a malicious version of guardrails-ai 0.10.1 to PyPI. Aany user who installed guardrails-ai==0.10.1 from PyPI on May 11, 2026 may be affected. Security...

9.6CVSS5.5AI score0.00276EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/05 7:35 p.m.32 views

CVE-2026-45758 Malicious code in guardrails-ai 0.10.1 (supply chain compromise)

Guardrails AI is a Python framework that helps build AI applications. On May 11, 2026 at approximately 6:00 PM Pacific, an attacker published a malicious version of guardrails-ai 0.10.1 to PyPI. Aany user who installed guardrails-ai==0.10.1 from PyPI on May 11, 2026 may be affected. Security...

9.6CVSS0.00276EPSS
Exploits0References3
CVE
CVE
added 2026/06/05 7:35 p.m.27 views

CVE-2026-45758

CVE-2026-45758 affects Guardrails AI (Python framework). A malicious PyPI release, guardrails-ai==0.10.1, was published on 2026-05-11. Security telemetry reports no observed requests to Guardrails AI infrastructure from 0.10.1 and no data exfiltration evidence, but affected users should act. The ...

9.6CVSS5.5AI score0.00276EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVE
added 2025/02/14 4:43 a.m.4 views

SUSE CVE-2024-41178

Exposure of temporary credentials in logs in Apache Arrow Rust Object Store objectstore crate, version 0.10.1 and earlier on all platforms using AWS WebIdentityTokens. On certain error conditions, the logs may contain the OIDC token passed to AssumeRoleWithWebIdentity...

7.5CVSS6.8AI score0.0071EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/09/28 12:0 a.m.3 views

PT-2022-24854 · Nheko · Nheko

Name of the Vulnerable Software and Affected Versions: nheko versions prior to 0.10.2 Description: nheko is a desktop client for the Matrix communication application. The issue allows homeservers to insert malicious secrets, which could lead to man-in-the-middle attacks. Recommendations: For...

8.6CVSS6.6AI score0.00624EPSS
Exploits0References13
PyPA
PyPA
added 2021/08/25 6:15 p.m.4 views

PYSEC-2021-315

nbgitpuller is a Jupyter server extension to sync a git repository one-way to a local path. Due to unsanitized input, visiting maliciously crafted links could result in arbitrary code execution in the user environment. This has been resolved in version 0.10.2 and all users are advised to upgrade...

9.6CVSS7.5AI score0.0173EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 1970/01/01 12:0 a.m.4 views

PT-2012-6367 · Opensuse +3 · Libvirt +3

Name of the Vulnerable Software and Affected Versions: libvirt versions prior to 0.10.2 Description: The issue affects the libvirt package in the openSUSE operating system, potentially leading to breaches of confidentiality, integrity, and availability of protected information. Exploitation can...

9.3CVSS7.4AI score0.05774EPSS
Exploits0References60
Rows per page
Query Builder