Lucene search
K

235 matches found

Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.20 views

PT-2026-39708

Command injection vulnerability in automagik-genie 2.5.27 MCP Server allows attackers to execute arbitrary commands via the view task aka view in the readTranscriptFromCommit function in dist/mcp/server.js when a user reads from an external FORGE BASE URL...

6.1AI score0.01008EPSS
Exploits0References2
CVE
CVE
added 2026/05/11 12:0 a.m.19 views

CVE-2026-30635

CVE-2026-30635 describes a command-injection vulnerability in the automagik-genie 2.5.27 MCP Server. The issue affects the readTranscriptFromCommit path in dist/mcp/server.js, where an attacker can trigger arbitrary command execution via the view_task (also known as view) when reading from an ext...

8.1CVSS6.1AI score0.01008EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:27 p.m.7 views

CVE-2026-41487

Langfuse is an open source large language model engineering platform. From version 3.68.0 to before version 3.167.0, there is a role-based-access control flaw in the LLM connection update flow. An authenticated, low-privileged user of role “member” in a project could request the update of an...

5.3CVSS5.7AI score0.00181EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2026/05/08 2:27 p.m.28 views

CVE-2026-41487

CVE-2026-41487 affects Langfuse (open source LLM engineering platform). From version 3.68.0 up to before 3.167.0, a role-based access control flaw in the LLM connection update flow allowed an authenticated, low-privilege user with the role “member” in a project to request updating an LLM connecti...

5.4CVSS5.7AI score0.00181EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.17 views

PT-2026-39011

Name of the Vulnerable Software and Affected Versions Langfuse versions 3.68.0 through 3.166.0 Description A role-based access control flaw exists in the LLM connection update flow. An authenticated user with the "member" role in a project can request an update to an existing LLM connection by...

5.4CVSS5.8AI score0.00181EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2026/05/05 7:16 p.m.11 views

gix-transport: HTTP credentials leaked to redirected host in curl backend

Summary The curl-based HTTP transport in gix-transport sends user credentials passwords, tokens to an attacker-controlled server after an HTTP redirect. When a server responds with a 302 redirect during the initial GET /info/refs, gitoxide records the redirected base URL and rewrites all subseque...

5.8AI score
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/05/05 12:18 a.m.9 views

Prototype Pollution

Overview org.webjars.npm:axios is a promise-based HTTP client for the browser and Node.js. Affected versions of this package are vulnerable to Prototype Pollution when the Object.prototype has been polluted via a different exploit. The following properties in the HTTP adapter configuration may be...

9.1CVSS6.3AI score0.00549EPSS
Exploits1References2
OSV
OSV
added 2026/05/05 12:18 a.m.5 views

GHSA-Q8QP-CVCW-X6JJ Axios has prototype pollution read-side gadgets in HTTP adapter that allow credential injection and request hijacking

Summary Five config properties in the HTTP adapter are read via direct property access without hasOwnProperty guards, making them exploitable as prototype pollution gadgets. When Object.prototype is polluted by another dependency in the same process, axios silently picks up these polluted values ...

7.4CVSS5.9AI score0.00549EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2026/05/04 8:22 p.m.9 views

OpenClaw: Workspace dotenv files cannot override connector endpoint hosts

Summary Workspace dotenv files cannot override connector endpoint hosts. Affected Packages / Versions - Package: openclaw npm - Affected versions: = 2026.4.21 - Fixed version: 2026.4.22 Impact A workspace .env file could set connector endpoint variables for Matrix, Mattermost, IRC, or...

5CVSS5.8AI score0.00105EPSS
Exploits0References5Affected Software1
Snyk
Snyk
added 2026/04/28 6:30 a.m.28 views

Server-side Request Forgery (SSRF)

Overview @dadigua/hyperchat is a HyperChat Core - Node.js backend and CLI tool with AI chat, MCP support Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the fetch function in the AI Proxy Middleware component when processing the baseurl argument. An attack...

7.5CVSS7.2AI score0.00278EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.10 views

HyperChat 代码问题漏洞

HyperChat is an open-source local AI agent platform developed by dadigua. It supports configuration-driven and project-level AI expertise. Versions of HyperChat 2.0.0-alpha.63 and earlier have code vulnerabilities. These vulnerabilities stem from the baseurl parameter in the fetch function of the...

7.5CVSS7.3AI score0.00278EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/27 7:23 p.m.5 views

CVE-2026-7021

A weakness has been identified in SmythOS sre up to 0.0.15. This impacts an unknown function of the file packages/sdk/src/LLM/utils.ts of the component Connector Service. This manipulation of the argument baseURL causes information disclosure. It is possible to initiate the attack remotely. The...

5.1CVSS4.8AI score0.0018EPSS
Exploits0References1
NVD
NVD
added 2026/04/27 7:16 p.m.8 views

CVE-2026-7147

A vulnerability was detected in JoeCastrom mcp-chat-studio up to 1.5.0. Affected by this issue is some unknown functionality of the file server/routes/llm.js of the component LLM Models API. Performing a manipulation of the argument req.query.baseurl results in server-side request forgery. Remote...

7.5CVSS0.00278EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/27 6:15 p.m.35 views

CVE-2026-7147 JoeCastrom mcp-chat-studio LLM Models API llm.js server-side request forgery

A vulnerability was detected in JoeCastrom mcp-chat-studio up to 1.5.0. Affected by this issue is some unknown functionality of the file server/routes/llm.js of the component LLM Models API. Performing a manipulation of the argument req.query.baseurl results in server-side request forgery. Remote...

7.5CVSS0.00278EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/27 6:15 p.m.6 views

EUVD-2026-25906

A vulnerability was detected in JoeCastrom mcp-chat-studio up to 1.5.0. Affected by this issue is some unknown functionality of the file server/routes/llm.js of the component LLM Models API. Performing a manipulation of the argument req.query.baseurl results in server-side request forgery. Remote...

7.5CVSS7AI score0.00278EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/27 6:15 p.m.4 views

CVE-2026-7147

A vulnerability was detected in JoeCastrom mcp-chat-studio up to 1.5.0. Affected by this issue is some unknown functionality of the file server/routes/llm.js of the component LLM Models API. Performing a manipulation of the argument req.query.baseurl results in server-side request forgery. Remote...

7.5CVSS7AI score0.00278EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.10 views

PT-2026-35512

A vulnerability was detected in JoeCastrom mcp-chat-studio up to 1.5.0. Affected by this issue is some unknown functionality of the file server/routes/llm.js of the component LLM Models API. Performing a manipulation of the argument req.query.base url results in server-side request forgery. Remot...

7.5CVSS7.1AI score0.00278EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/04/26 5:30 a.m.36 views

CVE-2026-7021 SmythOS sre Connector Service utils.ts information disclosure

A weakness has been identified in SmythOS sre up to 0.0.15. This impacts an unknown function of the file packages/sdk/src/LLM/utils.ts of the component Connector Service. This manipulation of the argument baseURL causes information disclosure. It is possible to initiate the attack remotely. The...

5.1CVSS0.0018EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/26 12:0 a.m.9 views

PT-2026-35202

A weakness has been identified in SmythOS sre up to 0.0.15. This impacts an unknown function of the file packages/sdk/src/LLM/utils.ts of the component Connector Service. This manipulation of the argument baseURL causes information disclosure. It is possible to initiate the attack remotely. The...

5.1CVSS4.8AI score0.0018EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/04/16 9:52 p.m.10 views

Flowise: APIChain Prompt Injection SSRF in GET/POST API Chains

Summary A Server-Side Request Forgery SSRF vulnerability exists in FlowiseAI's POST/GET API Chain components that allows unauthenticated attackers to force the server to make arbitrary HTTP requests to internal and external systems. By injecting malicious prompt templates, attackers can bypass th...

8.3CVSS6AI score0.00233EPSS
Exploits1References3Affected Software2
Rows per page
Query Builder