CVE-2026-3340

IBM Langflow Desktop 1.0.0 through 1.8.4 IBM Langflow is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...

CVE-2026-39356

Drizzle is a modern TypeScript ORM. Prior to 0.45.2 and 1.0.0-beta.20, Drizzle ORM improperly escaped quoted SQL identifiers in its dialect-specific escapeName implementations. In affected versions, embedded identifier delimiters were not escaped before the identifier was wrapped in quotes or...

IBM Langflow 资源管理错误漏洞

IBM Langflow is a visual process orchestration tool developed by the American multinational company International Business Machines IBM. Versions 1.0.0 to 1.9.0 of IBM Langflow contain resource management vulnerabilities. These vulnerabilities stem from uncontrolled resource consumption, which ma...

Security Bulletin: Path Traversal Vulnerability in File Processing Components Allows Unauthorized File System Access and Potential Remote Code Execution

Summary A path traversal vulnerability exists in multiple Langflow OSS file processing components Docling, Docling Serve, Read File, NVIDIA Retriever Extraction, Video File, and Unstructured API that are based on BaseFileComponent. The vulnerability in the unpackbundle function allows attackers t...

EUVD-2026-29395

The SP Blog Designer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'design' attribute of the wpsbdpostcarousel shortcode in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

SUSE CVE-2026-42264

Axios is a promise based HTTP client for the browser and Node.js. From version 1.0.0 to before version 1.15.2, fFive config properties auth, baseURL, socketPath, beforeRedirect, and insecureHTTPParser in the HTTP adapter are read via direct property access without hasOwnProperty guards, making th...

org.springframework.ai:spring-ai-starter-vector-store-milvus (>=1.0.0 <=1.0.6), plus.hiver:hiver-module-ai (=1.0.9) potentially affected by CVE-2026-41705 via org.springframework.ai:spring-ai-milvus-store (>=1.0.0 <=1.0.6)

org.springframework.ai:spring-ai-milvus-store MAVEN version =1.0.0, =1.0.0, =1.0.6 - plus.hiver:hiver-module-ai =1.0.9 Source cves: CVE-2026-41705 Source advisory: OSV:GHSA-V632-2M87-7469...

com.alibaba.cloud.ai.autoconfigure.memory.long:spring-ai-alibaba-autoconfigure-memory-long (=1.0.0.4), com.alibaba.cloud.ai:spring-ai-alibaba-starter-memory-long (=1.0.0.4) +2 more potentially affected by CVE-2026-41713 via org.springframework.ai:spring-ai-advisors-vector-store (>=1.0.0 <=1.0.1)

org.springframework.ai:spring-ai-advisors-vector-store MAVEN version =1.0.0, =1.0.0.1, =1.0.0.3-20260305-cve Source cves: CVE-2026-41713 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16624616...

Scanner 代码注入漏洞

Scanner is an AI model security assessment tool developed by 0DIN.ai. Versions 1.0.0 to 1.4.1 of Scanner contained a code injection vulnerability. This vulnerability originated from JavaScript injection in BrowserAutomation::PlaywrightService, which could lead to remote code execution...

ai.driftkit:driftkit-clients-spring-ai (>=0.6.0 <=0.8.7), ai.driftkit:driftkit-context-engineering-spring-ai (>=0.6.0 <=0.8.7) +107 more potentially affected by CVE-2026-41712 via org.springframework.ai:spring-ai-openai (>=1.0.0-M5 <=1.0.6)

org.springframework.ai:spring-ai-openai MAVEN version =1.0.0-M5, =0.6.0, =0.6.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0.3, =1.0.0.1, =1.0.0.1, =1.0.0.1, =1.0.0.3-20260305-cve and more Source cves: CVE-2026-41712 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16624639...

CVE-2026-40201

@diplodoc/search-extension 1.0.0 through 3.x before 3.0.3 allows stored XSS via the title in a .md file...

0xpay-cc-sdk (>=0.0.8 <=0.1.0), 0xtrails (>=0.0.0-20251106131028 <=0.15.1) +8848 more potentially affected by CVE-2026-42264 via axios (>=1.0.0 <=1.15.1)

axios NPM version =1.0.0, =0.0.8, =0.0.0-20251106131028, =0.1.0, =1.1.0, =0.1.0, =1.0.21, =0.1.4, =0.1.0, =1.0.10, =1.0.10, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =1.1.0-beta.18 and more Source cves: CVE-2026-42264 Source advisory: SNYK:JS-AXIOS-16417750...

CVE-2026-6543

IBM Langflow Desktop 1.0.0 through 1.8.4 Langflow allows an attacker to execute arbitrary commands with the privileges of the process running Langflow. This allows reading sensitive environment variables API keys, DB credentials, modifying files, or launching further attacks on the internal netwo...

CVE-2026-43507

An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5. A Denial of Service can occur via memory exhaustion caused by XML parsing resource amplification from unauthenticated connections...

CVE-2026-40201

The CVE-2026-40201 affects @diplodoc/search-extension from versions 1.0.0 through 3.x prior to 3.0.3, where a stored XSS is possible via the title in a .md file. The issue is caused by input not being properly sanitized before being rendered in titles, enabling an attacker-supplied payload to exe...

PT-2026-36308

Name of the Vulnerable Software and Affected Versions @diplodoc/search-extension versions 1.0.0 through 3.0.2 Description Stored Cross-Site Scripting XSS occurs via the title in a .md file. Stored XSS is a type of vulnerability where a malicious script is permanently stored on the target server,...

PT-2026-36307

Name of the Vulnerable Software and Affected Versions OpenStack ironic-python-agent versions 1.0.0 through 11.5.0 Description Ironic Python Agent IPA may execute the grub-install function from within a chroot of the deployed partition image. This behavior can lead to arbitrary code execution if a...

CVE-2026-26204

Wazuh versions 1.0.0–4.14.3 are affected by a heap-based out-of-bounds write in GetAlertData that writes a NULL byte 1 byte before the start of the buffer allocated by strdup, due to an unsigned underflow. This corrupts heap metadata and can allow a compromised agent to cause denial of service or...

CVE-2026-40980

In Spring AI, a malicious PDF file can be crafted that triggers the allocation of unreasonable amounts of memory when handled by ForkPDFLayoutTextStripper. Affected versions: Spring AI: 1.0.0 - 1.0.5 fixed in 1.0.6, 1.1.0 - 1.1.4 fixed in 1.1.5...

CVE-2026-40978

SQL injection vulnerability in Spring AI's CosmosDBVectorStore allows attackers to execute arbitrary SQL queries via crafted document IDs. Affected versions: Spring AI: 1.0.0 - 1.0.5 fixed in 1.0.6, 1.1.0 - 1.1.4 fixed in 1.1.5...