12 matches found
CVE-2026-3813
A vulnerability was identified in opencc JFlow up to 5badc00db382d7cb82dad231e6a866b18e0addfe. Affected by this vulnerability is the function Calculate of the file src/main/java/bp/wf/httphandler/WF_CCForm.java. Such manipulation leads to injection. The attack may be performed from remote. The...
EUVD-2026-10317
A vulnerability was identified in opencc JFlow up to 5badc00db382d7cb82dad231e6a866b18e0addfe. Affected by this vulnerability is the function Calculate of the file src/main/java/bp/wf/httphandler/WF_CCForm.java. Such manipulation leads to injection. The attack may be performed from remote. The...
EUVD-2026-10316
A vulnerability was identified in opencc JFlow up to 5badc00db382d7cb82dad231e6a866b18e0addfe. Affected by this vulnerability is the function Calculate of the file src/main/java/bp/wf/httphandler/WF_CCForm.java. Such manipulation leads to injection. The attack may be performed from remote. The...
CVE-2026-3813 opencc JFlow WF_CCForm.java Calculate injection
A vulnerability was identified in opencc JFlow up to 5badc00db382d7cb82dad231e6a866b18e0addfe. Affected by this vulnerability is the function Calculate of the file src/main/java/bp/wf/httphandler/WF_CCForm.java. Such manipulation leads to injection. The attack may be performed from remote. The...
CVE-2026-3813
opencc JFlow contains a vulnerability CVE-2026-3813 affecting the function Calculate in src/main/java/bp/wf/httphandler/WF_CCForm.java. The issue enables injection and can be triggered remotely; an exploit is publicly available. The project uses a rolling release model and does not disclose affec...
PT-2026-24052
A vulnerability was identified in opencc JFlow up to 5badc00db382d7cb82dad231e6a866b18e0addfe. Affected by this vulnerability is the function Calculate of the file src/main/java/bp/wf/httphandler/WF_CCForm.java. Such manipulation leads to injection. The attack may be performed from remote. The...
JFlow Security Vulnerability
JFlow is a low-code BPM development platform open-sourced by Jinan Chicheng opencc in China. JFlow has a security vulnerability, which stems from incorrect operations on the function Calculate in the file src/main/java/bp/wf/httphandler/WF_CCForm.java, potentially leading to injection attacks...
EUVD-2025-6967
Malicious code in bioql PyPI...
Arbitrary Command Injection
Overview: lollms is a Python library for AI personality definition. Affected versions of this package are vulnerable to Arbitrary Command Injection in the calculate function, which uses the eval function without sufficient protection. An attacker can execute commands on the server by injecting...
CVE-2024-6982 Remote Code Execution in Calculate Function in parisneo/lollms
A remote code execution vulnerability exists in the Calculate function of parisneo/lollms version 9.8. The vulnerability arises from the use of Python's eval function to evaluate mathematical expressions within a Python sandbox that disables builtins and only allows functions from the math module...
CVE-2024-6982 Remote Code Execution in Calculate Function in parisneo/lollms
A remote code execution vulnerability exists in the Calculate function of parisneo/lollms version 9.8. The vulnerability arises from the use of Python's eval function to evaluate mathematical expressions within a Python sandbox that disables builtins and only allows functions from the math module...
LoLLMs Code Injection Vulnerability
LoLLMs is a large language and multimodal system by the individual developer Saifeddine ALOUI. A code injection vulnerability exists in LoLLMs version 9.8, which stems from the use of the eval function in the Calculate function and could lead to remote code execution...