Lucene search
K

686 matches found

EUVD
EUVD
added yesterday5 views

EUVD-2026-43311

Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4, 10.11.x = 10.11.19 fail to restrict the groupconstrained channel flag to public and private channels that support group synchronization, which allows an ordinary group or direct message member to remove all participants from the conversation v...

5.4CVSS6.1AI score0.0017EPSS
Exploits0References2
Metasploit
Metasploit
added 4 days ago24 views

FTP Fetch, Bind TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x86 payload from an FTP server. Listen for a connection Module Options msf use payload/cmd/windows/ftp/x86/vncinject/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 show options ...show and set options... msf...

6.2AI score
Exploits0
Cvelist
Cvelist
added 2026/06/25 3:50 p.m.34 views

CVE-2026-54033 LibreChat: SSRF via User-Provided Custom Endpoint baseURL — no private IP validation on user-configured API base URLs

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, LibreChat allows users to configure custom OpenAI-compatible API endpoints by setting a baseURL. This URL is used to construct HTTP requests without any SSRF validation — no private IP check, no scheme...

7.7CVSS0.00207EPSS
Exploits1References1
CVE
CVE
added 2026/06/25 3:50 p.m.8 views

CVE-2026-54033

LibreChat exposes an SSRF risk in its baseURL handling: prior to version 0.8.4-rc1, an authenticated user could set a custom OpenAI-compatible API endpoint baseURL and have requests constructed without SSRF validation (no private IP check, no scheme restriction, no DNS pinning). This allowed dire...

7.7CVSS5.9AI score0.00207EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2026/06/25 3:50 p.m.5 views

EUVD-2026-39460

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, LibreChat allows users to configure custom OpenAI-compatible API endpoints by setting a baseURL. This URL is used to construct HTTP requests without any SSRF validation — no private IP check, no scheme...

7.7CVSS5.9AI score0.00207EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/06/24 1:25 p.m.43 views

nginx: ngx_http_rewrite_module: code execution and denial of service

A flaw was found in the ngxhttprewritemodule module of NGINX. When a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression PCRE captures and a replacement string that references multiple such captures in a redirect or arguments context, an...

9.2CVSS6.6AI score0.04261EPSS
Exploits3References5
RedHat Linux
RedHat Linux
added 2026/06/24 10:7 a.m.8 views

nginx: ngx_http_rewrite_module: code execution and denial of service

A flaw was found in the ngxhttprewritemodule module of NGINX. When a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression PCRE captures and a replacement string that references multiple such captures in a redirect or arguments context, an...

9.2CVSS6.6AI score0.04261EPSS
Exploits3References5
OSV
OSV
added 2026/06/16 10:49 p.m.2 views

CVE-2026-48782 pydantic-ai: SSRF blocklist bypass via IPv4-compatible, SIIT/IVI, and local NAT64 IPv6 addresses (incomplete fix of CVE-2026-46678)

Pydantic AI is a Python agent framework for building applications and workflows with Generative AI. In versions 1.56.0 through 1.101.0, 2.0.0b1, and 2.0.0b2, the cloud-metadata blocklist could be bypassed by encoding the metadata IP in an IPv6 transition form that the previous fix, CVE-2026-46678...

6.8CVSS5.9AI score0.00332EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/06/16 9:0 p.m.12 views

Crawl4AI: SSRF filter bypass in Docker server via IPv6 transition forms (NAT64 / 6to4 / unspecified / v4-mapped)

Summary The Docker API server's SSRF protection validatewebhookurl / validateurldestination in deploy/docker/utils.py used an explicit IPv4/IPv6 CIDR blocklist that missed several address families. An attacker could reach internal services and cloud metadata endpoints e.g. 169.254.169.254 despite...

7.5CVSS5.5AI score0.00267EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.18 views

PT-2026-50129

Pydantic AI is a Python agent framework for building applications and workflows with Generative AI. In versions 1.56.0 through 1.101.0, 2.0.0b1, and 2.0.0b2, the cloud-metadata blocklist could be bypassed by encoding the metadata IP in an IPv6 transition form that the previous fix, CVE-2026-46678...

6.8CVSS5.3AI score0.00332EPSS
Exploits0References7
OSV
OSV
added 2026/06/15 5:31 p.m.11 views

GHSA-38CX-CQ6F-5755 Symfony: IpUtils::PRIVATE_SUBNETS Omits IPv6 Transition Forms (6to4, NAT64, Teredo, IPv4-compatible): SSRF Bypass in NoPrivateNetworkHttpClient

Description Symfony\Component\HttpClient\NoPrivateNetworkHttpClient is documented as a decorator that blocks requests to private networks by default. The list of blocked subnets Symfony\Component\HttpFoundation\IpUtils::PRIVATESUBNETS on 6.4+, a private constant in NoPrivateNetworkHttpClient on 5...

6.3CVSS5.5AI score0.00029EPSS
Exploits0References8
Fedora
Fedora
added 2026/06/12 1:8 a.m.12 views

[SECURITY] Fedora 43 Update: vaultwarden-1.36.0-1.fc43

Unofficial Bitwarden compatible server...

8.3CVSS5.4AI score0.00443EPSS
Exploits4
Fedora
Fedora
added 2026/06/12 1:0 a.m.10 views

[SECURITY] Fedora 44 Update: vaultwarden-1.36.0-1.fc44

Unofficial Bitwarden compatible server...

8.3CVSS5.4AI score0.00443EPSS
Exploits4
NVD
NVD
added 2026/06/11 10:16 a.m.12 views

CVE-2026-5497

vLLM versions 0.8.0 and later are vulnerable to an Out-of-Memory OOM Denial of Service DoS attack due to unbounded frame count processing in the VideoMediaIO.loadbase64 method. When processing video/jpeg data URLs, the method splits the base64 data string on commas to extract individual JPEG fram...

7.5CVSS0.00543EPSS
Exploits1References5
EUVD
EUVD
added 2026/06/11 8:31 a.m.11 views

EUVD-2026-36217

vLLM versions 0.8.0 and later are vulnerable to an Out-of-Memory OOM Denial of Service DoS attack due to unbounded frame count processing in the VideoMediaIO.loadbase64 method. When processing video/jpeg data URLs, the method splits the base64 data string on commas to extract individual JPEG fram...

7.5CVSS5.5AI score0.00543EPSS
Exploits1References2
CVE
CVE
added 2026/06/11 8:31 a.m.70 views

CVE-2026-5497

CVE-2026-5497 affects vLLM 0.8.0 and later, where VideoMediaIO.load_base64() can perform unbounded frame processing for video/jpeg data URLs, leading to an Out-of-Memory DoS. An attacker can craft a single API request with thousands of comma-separated base64 JPEG frames, causing the server to dec...

7.5CVSS5.5AI score0.00543EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.10 views

CVE-2026-9540

A flaw was found in vllm-project vllm, specifically within its OpenAI-compatible Serving Path. A remote attacker could exploit this vulnerability by manipulating certain processing, leading to a denial of service DoS. This could make the affected service unavailable to legitimate users. The issue...

6.9CVSS6AI score0.00427EPSS
Exploits0References10
OSV
OSV
added 2026/05/26 3:32 p.m.5 views

GHSA-98F3-HWG4-4RF7 vllm has Improper Resource Shutdown or Release

A vulnerability was identified in vllm-project vllm 0.19.0. This issue affects some unknown processing of the component OpenAI-compatible Serving Path. Such manipulation leads to denial of service. It is possible to launch the attack remotely. The exploit is publicly available and might be used...

6.9CVSS5.5AI score0.00427EPSS
Exploits0References8
Snyk
Snyk
added 2026/05/26 2:43 p.m.12 views

Improper Resource Shutdown or Release

Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Improper Resource Shutdown or Release via the OpenAI-compatible Serving Path component. An attacker can cause the service to become unavailable by...

6.9CVSS6.1AI score0.00427EPSS
Exploits0References2
NVD
NVD
added 2026/05/26 2:16 p.m.19 views

CVE-2026-9540

A vulnerability was identified in vllm-project vllm 0.19.0. This issue affects some unknown processing of the component OpenAI-compatible Serving Path. Such manipulation leads to denial of service. It is possible to launch the attack remotely. The exploit is publicly available and might be used...

6.9CVSS0.00427EPSS
Exploits0References7
Rows per page
Query Builder