Lucene search
K

55 matches found

NVD
NVD
added 2026/06/17 1:19 p.m.11 views

CVE-2024-32729

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in QuantumCloud Conversational Forms for ChatBot allows Path Traversal. This issue affects Conversational Forms for ChatBot: from n/a through 1.1.8...

7.5CVSS0.0043EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.15 views

PT-2026-40007

A malicious user could craft input that is stored in conversation memory and later interpreted by the model in an unintended way. Applications using the affected advisor with user-controlled input may be susceptible to manipulation of model behavior across conversation turns...

8.2CVSS5.7AI score0.00218EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2026/04/13 12:0 a.m.8 views

A Synthetic Conversational Smishing Dataset for Social Engineering Detection

Smishing SMS phishing has become a serious cybersecurity threat, especially for elderly and cyber-unaware individuals, causing financial loss and undermining user trust. Although prior work has focused on detecting smishing at the level of individual messages, real-world attackers often rely on...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/08 12:0 a.m.5 views

SentinelSphere: Integrating AI-Powered Real-Time Threat Detection with Cybersecurity Awareness Training

The field of cybersecurity is confronted with two interrelated challenges: a worldwide deficit of qualified practitioners and ongoing human-factor weaknesses that account for the bulk of security incidents. To tackle these issues, we present SentinelSphere, a platform driven by artificial...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 9:5 a.m.10 views

CVE-2024-34380

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in QuantumCloud Conversational Forms for ChatBot allows Stored XSS.This issue affects Conversational Forms for ChatBot: from n/a through 1.2.0...

6.5CVSS5.2AI score0.00354EPSS
Exploits0References1
HackRead
HackRead
added 2025/11/11 10:35 a.m.6 views

Cisco Finds Open-Weight AI Models Easy to Exploit in Long Chats

Cisco’s new research shows that open-weight AI models, while driving innovation, face serious security risks as multi-turn attacks, including conversational persistence, can bypass safeguards and expose data...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/10/09 12:0 a.m.6 views

Pattern Enhanced Multi-Turn Jailbreaking: Exploiting Structural Vulnerabilities in Large Language Models

Large language models LLMs remain vulnerable to multi-turn jailbreaking attacks that exploit conversational context to bypass safety constraints gradually. These attacks target different harm categories like malware generation, harassment, or fraud through distinct conversational approaches...

7.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/10/08 12:0 a.m.5 views

RedTWIZ: Diverse LLM Red Teaming Via Adaptive Attack Planning

This paper presents the vision, scientific contributions, and technical details of RedTWIZ: an adaptive and diverse multi-turn red teaming framework, to audit the robustness of Large Language Models LLMs in AI-assisted software development. Our work is driven by three major research streams: 1...

7AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-30312

Malicious code in bioql PyPI...

4.3CVSS6.4AI score0.00182EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.12 views

EUVD-2024-34752

Malicious code in bioql PyPI...

5.9CVSS6.4AI score0.00354EPSS
Exploits0References1
OSV
OSV
added 2025/08/14 6:52 p.m.9 views

MAL-2025-9587 Malicious code in @usaa-grp-conversational-search/ent-search-ui (npm)

The package @usaa-grp-conversational-search/ent-search-ui was found to contain malicious code...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/05 12:0 a.m.6 views

Urania: Differentially Private Insights into AI Use

We introduce $Urania$, a novel framework for generating insights about LLM chatbot interactions with rigorous differential privacy DP guarantees. The framework employs a private clustering mechanism and innovative keyword extraction methods, including frequency-based, TF-IDF-based, and LLM-guided...

6.9AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2025/06/03 2:0 p.m.7 views

Introducing AI Attack Coverage in Exposure Command: Secure what traditional AppSec Tools miss

The rise of GenAI-powered applications – from internal copilots to customer-facing chatbots – is changing how businesses operate. While these tools drive innovation, they also introduce a fast moving, often invisible layer of risk. Most traditional AppSec tools were never built to handle the uniq...

7.3AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 11:35 a.m.5 views

CVE-2025-22813

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in QuantumCloud Conversational Forms for ChatBot conversational-forms allows Stored XSS.This issue affects Conversational Forms for ChatBot: from n/a through = 1.4.2...

6.5CVSS7.2AI score0.00225EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:38 a.m.8 views

CVE-2023-23981

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in QuantumCloud Conversational Forms for ChatBot plugin = 1.1.6 versions...

5.9CVSS5.2AI score0.00392EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/18 7:59 p.m.23 views

CVE-2025-32377 Rasa Pro Missing Authentication For Voice Connector APIs

Rasa Pro is a framework for building scalable, dynamic conversational AI assistants that integrate large language models LLMs. A vulnerability has been identified in Rasa Pro where voice connectors in Rasa Pro do not properly implement authentication even when a token is configured in the...

6.5CVSS0.00429EPSS
Exploits0References1
CNVD
CNVD
added 2025/03/17 12:0 a.m.10 views

NVIDIA Riva riva_quickstart Access Control Error Vulnerability

NVIDIA Riva is a fully accelerated conversational AI application framework released by NVIDIA for building multimodal conversational AI services using end-to-end. An access control error vulnerability exists in NVIDIA Riva rivaquickstart, which can be exploited by an attacker to submit a special...

9.1CVSS6.7AI score0.02009EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2025/03/05 1:20 p.m.12 views

Google Rolls Out AI Scam Detection for Android to Combat Conversational Fraud

Google has announced the rollout of artificial intelligence AI-powered scam detection features to secure Android device users and their personal information. "These features specifically target conversational scams, which can often appear initially harmless before evolving into harmful situations...

6.9AI score
Exploits0
NVD
NVD
added 2025/01/09 4:16 p.m.10 views

CVE-2025-22813

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in QuantumCloud Conversational Forms for ChatBot conversational-forms allows Stored XSS.This issue affects Conversational Forms for ChatBot: from n/a through = 1.4.2...

6.5CVSS0.00225EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/09 12:0 a.m.4 views

WordPress plugin Conversational Forms for ChatBot 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.5CVSS7.7AI score0.00225EPSS
Exploits0References1
Rows per page
Query Builder