Flowise 安全漏洞

Flowise is an open-source tool developed by FlowiseAI, designed for easily building LLM applications. Versions of Flowise prior to 3.1.0 contained security vulnerabilities. These vulnerabilities stemmed from an improper bulk assignment vulnerability in the account registration endpoint, allowing...

chyrp-lite 安全漏洞

Chyrp-Lite is a self-hosted blog and website platform developed by Daniel Pimley. Versions of Chyrp-Lite prior to version 2026.01 contained security vulnerabilities. These vulnerabilities stemmed from insecure direct object references or bulk assignment issues in the Post model, which could lead ...

titra 安全漏洞

titra is an open source time tracking project by kromit. A security vulnerability exists in titra 0.99.49 and earlier versions , the vulnerability stems from a bulk assignment vulnerability in the API that allows authenticated users to bypass business logic controls by injecting arbitrary fields...

UliCMS 安全漏洞

UliCMS is a content management system CMS open source by UliCMS. The system supports features such as access control and WYSIWYG editing. A security vulnerability exists in UliCMS version 2023.1, which stems from an improper bulk assignment in UserController that could lead to authentication bypa...

AnythingLLM 安全漏洞

AnythingLLM is a document chatbot that meets business requirements. A security vulnerability exists in AnythingLLM that stems from allowing users with the Manager role to escalate their privileges to the Administrator role via a bulk assignment issue...

Gravitl Netmaker 安全漏洞

Gravitl Netmaker is a platform for creating and managing fast, secure and dynamic virtual overlay networks using WireGuard from Gravitl USA. For creating and controlling automated virtual networks. A security vulnerability exists in Gravitl Netmaker versions prior to 0.18.6, which stems from a bu...