CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

152 matches found

UBUNTU-CVE-2026-6324

A flaw was found in libsoup. A remote attacker could exploit an unsigned to signed conversion error in the soupbodyinputstreamreadchunked function by sending a malicious HTTP request. This vulnerability occurs when libsoup operates behind a non-libsoup proxy server or as a proxy in front of a...

4.8CVSS5.8AI score0.00042EPSS

Exploits0References7

Vulnrichment•added 2026/04/28 1:13 p.m.•2 views

CVE-2026-40551 Use of Client-Side Authentication in mpGabinet

mpGabinet performs client-side authentication. An attacker with access to any application instance connected to the backend server can bypass the login verification process by manipulating the application binary and authenticate as an arbitrary user. This issue affects mpGabinet version 23.12.19...

8.4CVSS5.5AI score0.00027EPSS

Exploits0References2

Positive Technologies•added 2026/04/06 12:0 a.m.•1 views

PT-2026-30570

A vulnerability has been found in assafelovic gpt-researcher up to 3.4.3. This affects the function extract command data of the file backend/server/server utils.py of the component ws Endpoint. Such manipulation of the argument args leads to code injection. The attack may be performed from remote...

7.5CVSS6.7AI score0.00067EPSS

Exploits0References6

CNNVD•added 2026/04/06 12:0 a.m.•2 views

GPT Researcher 代码注入漏洞

GPT Researcher is an AI-based deep research agent tool developed by Assaf Elovic. Versions of GPT Researcher 3.4.3 and earlier have a code injection vulnerability. This vulnerability stems from improper handling of the args parameter in the extractcommanddata function in the...

7.5CVSS7.2AI score0.00067EPSS

Exploits0References5

Positive Technologies•added 2026/04/06 12:0 a.m.•1 views

PT-2026-30569

A flaw has been found in assafelovic gpt-researcher up to 3.4.3. The impacted element is an unknown function of the file backend/server/app.py of the component Report API. This manipulation causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been...

5.3CVSS4.3AI score0.00013EPSS

Exploits0References6

RedhatCVE•added 2026/03/29 5:3 p.m.•1 views

CVE-2026-5001

A flaw has been found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The affected element is the function doPOST of the file backend/server.py. This manipulation causes unrestricted upload. The attack is possible to be carried out remotely. The exploit has been publishe...

7.5CVSS5.5AI score0.00054EPSS

Exploits0References1

RedhatCVE•added 2026/03/29 5:3 p.m.•1 views

CVE-2026-5000

A vulnerability was detected in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. Impacted is the function LocalGPTHandler of the file backend/server.py of the component API Endpoint. The manipulation of the argument BaseHTTPRequestHandler results in missing authentication. T...

7.5CVSS5.6AI score0.00105EPSS

Exploits0References1

RedhatCVE•added 2026/03/29 5:3 p.m.•1 views

CVE-2026-5002

A vulnerability has been found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The impacted element is the function routeusingoverviews of the file backend/server.py of the component LLM Prompt Handler. Such manipulation leads to injection. The attack may be performed fr...

7.5CVSS5.4AI score0.00062EPSS

Exploits0References1

EUVD•added 2026/03/28 6:30 p.m.•2 views

EUVD-2026-16932

7.5CVSS5.5AI score0.00054EPSS

Exploits0References5

EUVD•added 2026/03/28 6:30 p.m.•1 views

EUVD-2026-16933

7.5CVSS5.4AI score0.00062EPSS

Exploits0References5

NVD•added 2026/03/28 5:16 p.m.•0 views

CVE-2026-5002

7.5CVSS0.00062EPSS

Exploits0References4

ATTACKERKB•added 2026/03/28 4:45 p.m.•0 views

CVE-2026-5002

7.5CVSS5.4AI score0.00062EPSS

Exploits0References4

CVE•added 2026/03/28 4:45 p.m.•5 views

CVE-2026-5002

CVE-2026-5002 affects PromtEngineer localGPT (LLM Prompt Handler) with the vulnerable element in backend/server.py, function _route_using_overviews. The issue is described as an injection vulnerability that can be exploited remotely; the exploit has been disclosed publicly. The product uses a rol...

7.5CVSS6.5AI score0.00062EPSS

Exploits0References4

NVD•added 2026/03/28 4:15 p.m.•0 views

CVE-2026-5001

7.5CVSS0.00054EPSS

Exploits0References4

Cvelist•added 2026/03/28 4:0 p.m.•30 views

CVE-2026-5001 PromtEngineer localGPT server.py do_POST unrestricted upload

7.5CVSS0.00054EPSS

Exploits0References4

NVD•added 2026/03/28 3:16 p.m.•1 views

CVE-2026-5000

7.5CVSS0.00105EPSS

Exploits0References4

Vulnrichment•added 2026/03/28 3:0 p.m.•0 views

CVE-2026-5000 PromtEngineer localGPT API Endpoint server.py LocalGPTHandler missing authentication

7.5CVSS6.8AI score0.00105EPSS

Exploits0References4

Cvelist•added 2026/03/28 3:0 p.m.•25 views

CVE-2026-5000 PromtEngineer localGPT API Endpoint server.py LocalGPTHandler missing authentication

7.5CVSS0.00105EPSS

Exploits0References4

CVE•added 2026/03/28 3:0 p.m.•5 views

CVE-2026-5000

PromtEngineer localGPT has a missing authentication vulnerability in the API Endpoint’s LocalGPTHandler (backend/server.py). The issue is triggered by manipulation of the BaseHTTPRequestHandler, allowing remote access and potential unauthorized control. This affects versions prior to 4d41c7d1713b...

7.5CVSS6.8AI score0.00105EPSS

Exploits0References4

Positive Technologies•added 2026/03/28 12:0 a.m.•1 views

PT-2026-28720

Name of the Vulnerable Software and Affected Versions PromtEngineer localGPT versions up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054 Description A flaw exists within PromtEngineer localGPT that allows for injection. The issue resides in the route using overviews function within the...

7.5CVSS5.7AI score0.00062EPSS

Exploits0References8

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by