Lucene search
K

4 matches found

NVD
NVD
added yesterday6 views

CVE-2026-54601

FastGPT is an open source AI knowledge base platform. From 4.14.17 to before 4.15.0-beta4, FastGPT allows an authenticated tenant user to call POST /api/core/dataset/collection/create/reTrainingCollection in a way that persists a server-owned datasetId value from another tenant. This creates mixe...

6.3CVSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-54601

FastGPT is an open source AI knowledge base platform. From 4.14.17 to before 4.15.0-beta4, FastGPT allows an authenticated tenant user to call POST /api/core/dataset/collection/create/reTrainingCollection in a way that persists a server-owned datasetId value from another tenant. This creates mixe...

6.3CVSS6AI score
Exploits0References5Affected Software1
Packet Storm News
Packet Storm News
added 2025/05/05 12:0 a.m.5 views

Towards Dataset Copyright Evasion Attack against Personalized Text-To-Image Diffusion Models

Text-to-image T2I diffusion models have rapidly advanced, enabling high-quality image generation conditioned on textual prompts. However, the growing trend of fine-tuning pre-trained models for personalization raises serious concerns about unauthorized dataset usage. To combat this, dataset...

7.2AI score
Exploits0
Veracode
Veracode
added 2024/06/12 6:34 a.m.15 views

Insufficient Granularity Of Access Control

lunary is vulnerable to an Insufficient Granularity of Access Control vulnerability. The vulnerability is due to improper validation of dataset ownership, allowing users to create, update, get, and delete prompt variations for datasets not owned by their organization, leading to unauthorized...

8.1CVSS6.8AI score0.00431EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder