Lucene search
K

239 matches found

Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.10 views

PT-2026-35512

A vulnerability was detected in JoeCastrom mcp-chat-studio up to 1.5.0. Affected by this issue is some unknown functionality of the file server/routes/llm.js of the component LLM Models API. Performing a manipulation of the argument req.query.base url results in server-side request forgery. Remot...

7.5CVSS7.1AI score0.00278EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/04/26 5:30 a.m.36 views

CVE-2026-7021 SmythOS sre Connector Service utils.ts information disclosure

A weakness has been identified in SmythOS sre up to 0.0.15. This impacts an unknown function of the file packages/sdk/src/LLM/utils.ts of the component Connector Service. This manipulation of the argument baseURL causes information disclosure. It is possible to initiate the attack remotely. The...

5.1CVSS0.0018EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/26 12:0 a.m.9 views

PT-2026-35202

A weakness has been identified in SmythOS sre up to 0.0.15. This impacts an unknown function of the file packages/sdk/src/LLM/utils.ts of the component Connector Service. This manipulation of the argument baseURL causes information disclosure. It is possible to initiate the attack remotely. The...

5.1CVSS4.8AI score0.0018EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/04/16 9:52 p.m.10 views

Flowise: APIChain Prompt Injection SSRF in GET/POST API Chains

Summary A Server-Side Request Forgery SSRF vulnerability exists in FlowiseAI's POST/GET API Chain components that allows unauthenticated attackers to force the server to make arbitrary HTTP requests to internal and external systems. By injecting malicious prompt templates, attackers can bypass th...

8.3CVSS6AI score0.00233EPSS
Exploits1References3Affected Software2
NVD
NVD
added 2026/04/09 10:16 p.m.13 views

CVE-2026-35644

OpenClaw before 2026.3.22 contains an information disclosure vulnerability that allows attackers with operator.read scope to expose credentials embedded in channel baseUrl and httpUrl fields. Attackers can access gateway snapshots via config.get and channels.status endpoints to retrieve sensitive...

7.1CVSS0.00193EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/09 9:27 p.m.3 views

CVE-2026-35644 OpenClaw < 2026.3.22 - Credential Exposure via baseUrl Fields in Gateway Snapshots

OpenClaw before 2026.3.22 contains an information disclosure vulnerability that allows attackers with operator.read scope to expose credentials embedded in channel baseUrl and httpUrl fields. Attackers can access gateway snapshots via config.get and channels.status endpoints to retrieve sensitive...

7.1CVSS5.8AI score0.00193EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/09 9:26 p.m.2 views

CVE-2026-35618

OpenClaw before 2026.3.23 contains a replay identity vulnerability in Plivo V2 signature verification that allows attackers to bypass replay protection by modifying query parameters. The verification path derives replay keys from the full URL including query strings instead of the canonicalized...

8.3CVSS6AI score0.00283EPSS
Exploits0References5
NVD
NVD
added 2026/04/08 7:25 p.m.13 views

CVE-2026-35400

LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. From 20.0.0 to before 27.0.3 and 28.0.1, an endpoint in the publication module was incorrectly trusting the baseURL submitted by a user's PO...

4.3CVSS0.00201EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/08 6:26 p.m.26 views

CVE-2026-35400 LORIS incorrectly trusts user input in publication module

LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. From 20.0.0 to before 27.0.3 and 28.0.1, an endpoint in the publication module was incorrectly trusting the baseURL submitted by a user's PO...

3.5CVSS0.00201EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/08 6:26 p.m.4 views

CVE-2026-35400 LORIS incorrectly trusts user input in publication module

LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. From 20.0.0 to before 27.0.3 and 28.0.1, an endpoint in the publication module was incorrectly trusting the baseURL submitted by a user's PO...

3.5CVSS6AI score0.00201EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/08 6:26 p.m.4 views

EUVD-2026-20576

LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. From 20.0.0 to before 27.0.3 and 28.0.1, an endpoint in the publication module was incorrectly trusting the baseURL submitted by a user's PO...

3.5CVSS6AI score0.00201EPSS
Exploits0References1
CVE
CVE
added 2026/04/08 6:26 p.m.18 views

CVE-2026-35400

LORIS (Longitudinal Online Research and Imaging System) is affected from 20.0.0 up to but not including 27.0.3 and 28.0.1 by a publication module flaw that trusts the baseURL submitted via a user’s POST request instead of the internal LORIS value. This could allow an attacker with publication-mod...

4.3CVSS6AI score0.00201EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.5 views

PT-2026-31428

LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. From 20.0.0 to before 27.0.3 and 28.0.1, an endpoint in the publication module was incorrectly trusting the baseURL submitted by a user's PO...

3.5CVSS6AI score0.00201EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.11 views

LORIS Neuroimaging Platform 后置链接漏洞

LORIS Neuroimaging Platform is a neuroimaging platform open sourced by ACElab. Versions of LORIS Neuroimaging Platform from 20.0.0 to 27.0.3, as well as versions before 28.0.1, had a postback link vulnerability. This vulnerability stemmed from an error in the endpoint of the publication module,...

4.3CVSS5.8AI score0.00201EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/02 3:31 p.m.4 views

EUVD-2026-18228

Szafir SDK Web is a browser plug-in that can run SzafirHost application which download the necessary files when launched. In Szafir SDK Web it is possible to change the URL HTTP Origin of the application call location. An unauthenticated attacker can craft a website that is able to launch...

5.1CVSS6.2AI score0.00266EPSS
Exploits0References3
NVD
NVD
added 2026/04/02 2:16 p.m.5 views

CVE-2026-26927

Szafir SDK Web is a browser plug-in that can run SzafirHost application which download the necessary files when launched. In Szafir SDK Web it is possible to change the URL HTTP Origin of the application call location. An unauthenticated attacker can craft a website that is able to launch...

5.1CVSS0.00266EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/02 2:1 p.m.3 views

CVE-2026-26927 URL (HTTP Origin) call location spoofing in Szafir SDK Web

Szafir SDK Web is a browser plug-in that can run SzafirHost application which download the necessary files when launched. In Szafir SDK Web it is possible to change the URL HTTP Origin of the application call location. An unauthenticated attacker can craft a website that is able to launch...

5.1CVSS6.2AI score0.00266EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.9 views

Krajowa Izba Rozliczeniowa Szafir SDK Web 安全漏洞

Krajowa Izba Rozliczeniowa Szafir SDK Web is a development toolkit for electronic signatures and identity authentication provided by the Polish company Krajowa Izba Rozliczeniowa. Versions of Krajowa Izba Rozliczeniowa Szafir SDK Web prior to 0.0.17.4 contained security vulnerabilities. These...

5.1CVSS5.9AI score0.00266EPSS
Exploits0References2
Veracode
Veracode
added 2026/03/28 5:21 a.m.24 views

Server-Side Request Forgery (SSRF)

saloonphp/saloon is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to improper validation of request endpoints allowing absolute URLs to override the base URL, which allows an attacker to redirect requests to malicious hosts and potentially exfiltrate sensitive data such...

8.7CVSS5.9AI score0.0042EPSS
Exploits0References3Affected Software1
Snyk
Snyk
added 2026/03/26 9:15 p.m.3 views

Insufficiently Protected Credentials

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Insufficiently Protected Credentials via the config.get and channels.status processes. An attacker can obtain sensitive credentials by accessing gateway snapshots that include unredacted...

7.1CVSS5.9AI score0.00193EPSS
Exploits0References3
Rows per page
Query Builder