5 matches found
CVE-2025-54659
An Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability CWE-22 vulnerability in Fortinet FortiSOAR Agent Communication Bridge 1.1.0, FortiSOAR Agent Communication Bridge 1.0 all versions may allow an unauthenticated attacker to read files accessible to the...
CVE-2026-23733
LobeChat is an open source chat application platform. Prior to version 2.0.0-next.180, a stored Cross-Site Scripting XSS vulnerability in the Mermaid artifact renderer allows attackers to execute arbitrary JavaScript within the application context. This XSS can be escalated to Remote Code Executi...
CVE-2025-66222
DeepChat is a smart assistant uses artificial intelligence. In 0.5.0 and earlier, there is a Stored Cross-Site Scripting XSS vulnerability in the Mermaid diagram renderer allows an attacker to execute arbitrary JavaScript within the application context. By leveraging the exposed Electron IPC...
Malicious code in communication-bridge (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ca24ad613d55f6103dd8e2bc5a903d213746087f94a99f3646d3d13da75b82ea Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11131 Malicious code in communication-bridge (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ca24ad613d55f6103dd8e2bc5a903d213746087f94a99f3646d3d13da75b82ea Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...