3 matches found
CVE-2026-47713 AnythingLLM: Legacy mobile device tokens bypass multi-user workspace scoping after mode migration
AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, an approved mobile device token created in single-user mode can survive single-user - multi-user migration even when the device record has userId = null. In...
Jenkins Plugin Red Hat Dependency Analytics Security Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
PT-2022-26918 · Jenkins · Jenkins Neuvector Vulnerability Scanner Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins NeuVector Vulnerability Scanner Plugin versions 1.20 and earlier Description: The issue allows cross-site scripting XSS attacks by users with the ability to control files in workspaces, archived artifacts, etc. This is because the...