Lucene search
K

5 matches found

Cvelist
Cvelist
•added 5 days ago•40 views

CVE-2026-15044 Trustyai-service-operator: trustyai service operator: unauthenticated access to ai guardrails and orchestrator apis

A flaw was found in the TrustyAI Service Operator. When deploying services like gorch or NemoGuardrails, if a specific security setting is not enabled, these services can expose their communication channels without requiring users to prove their identity. This allows any other program within the...

6.3CVSS0.0017EPSS
Exploits0References2
The Hacker News
The Hacker News
•added 2026/06/10 10:27 a.m.•24 views

Your Automated Pentest Looks Clean. See What It Missed in This Expert Webinar

Your pentest report looks clean. That might be the problem. Run automated pentesting long enough, and the new findings start to dry up. By the third or fourth run, fewer issues appear. The report looks stable. Leadership reads "stable" as "secure." It usually isn't. The work slows down. The risk...

5.7AI score
Exploits0
Github Security Blog
Github Security Blog
•added 2024/09/18 3:30 p.m.•17 views

Guardrails has an arbitrary code execution vulnerability

An arbitrary code execution vulnerability exists in versions 0.2.9 up to 0.5.10 of the Guardrails AI Guardrails framework because of the way it validates XML files. If a victim user loads a maliciously crafted XML file containing Python code, the code will be passed to an eval function, causing i...

7.8CVSS7.7AI score0.00375EPSS
Exploits0References4Affected Software1
NVD
NVD
•added 2024/09/18 3:15 p.m.•9 views

CVE-2024-45858

An arbitrary code execution vulnerability exists in versions 0.2.9 up to 0.5.10 of the Guardrails AI Guardrails framework because of the way it validates XML files. If a victim user loads a maliciously crafted XML file containing Python code, the code will be passed to an eval function, causing i...

7.8CVSS0.00375EPSS
Exploits0References1
Cvelist
Cvelist
•added 2024/09/18 3:2 p.m.•16 views

CVE-2024-45858

An arbitrary code execution vulnerability exists in versions 0.2.9 up to 0.5.10 of the Guardrails AI Guardrails framework because of the way it validates XML files. If a victim user loads a maliciously crafted XML file containing Python code, the code will be passed to an eval function, causing i...

7.8CVSS0.00375EPSS
Exploits0References1
Rows per page
Query Builder