Lucene search
K

7 matches found

NVD
NVD
added 2026/02/10 6:16 p.m.4 views

CVE-2026-26003

FastGPT is an AI Agent building platform. From 4.14.0 to 4.14.5, attackers can directly access the plugin system through FastGPT/api/plugin/xxx without authentication, thereby threatening the plugin system. This may cause the plugin system to crash and the loss of plugin installation status, but ...

6.9CVSS0.0023EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.7 views

PT-2026-7419

Name of the Vulnerable Software and Affected Versions FastGPT versions 4.14.0 through 4.14.5 Description FastGPT, an AI Agent building platform, has an issue where the plugin system can be accessed directly through the API endpoint /api/plugin/xxx without authentication. This affects versions...

6.9CVSS5.5AI score0.0023EPSS
Exploits0References7
Patchstack
Patchstack
added 2025/09/06 9:9 a.m.4 views

WordPress UDesign Core plugin <= 4.14.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin UDesign Core versions = 4.14.0...

7.1CVSS6.1AI score0.00228EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2023/06/14 12:0 a.m.4 views

PT-2023-24947 · Json-Io · Json-Io

Name of the Vulnerable Software and Affected Versions: json-io versions 4.14.0 and earlier Description: An issue was discovered that allows attackers to cause a denial of service or other unspecified impacts via a crafted object that uses cyclic dependencies. Recommendations: For json-io versions...

8.7CVSS9.2AI score0.00812EPSS
Exploits1References8
ATTACKERKB
ATTACKERKB
added 2022/04/20 12:0 a.m.7 views

CVE-2022-0540

A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before...

9.8CVSS8AI score0.88333EPSS
Exploits2References5Affected Software5
CNNVD
CNNVD
added 2021/09/01 12:0 a.m.7 views

Atlassian Jira 代码注入漏洞

Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is used to track and manage all types of issues and defects in the workplace. A security vulnerability exists in Atlassian Jira that can be exploited by a remote attacker with a "Jira administrator" to acce...

9CVSS7.5AI score0.04483EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/06/09 12:0 a.m.6 views

CKEditor 跨站脚本漏洞

CKEditor is an open source, web-based text editor. CKEditor suffers from a cross-site scripting vulnerability that stems from improper handling of input data in the HTML data processor. A remote attacker can inject executable JavaScript code via a crafted comment. The following products and model...

6.1CVSS6.6AI score0.03189EPSS
Exploits0References12
Rows per page
Query Builder