4 matches found
PT-2026-41213
Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.2 Description A mass assignment issue exists in the DatasetRow create and update processes. The application uses Object.assign to copy the request body into the DatasetRow entity without an explicit field allowlis...
PT-2026-41212
Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.2 Description A mass assignment issue exists in the dataset create and update processes. The application uses Object.assign to copy the request body into a Dataset entity without an explicit field allowlist,...
CVE-2026-7681
The CVE-2026-7681 entry concerns jsbroks COCO Annotator (up to version 0.11.1). The vulnerability affects the Dataset API’s datasets.py (backend/webserver/api/datasets.py) where manipulation of the DatasetId argument bypasses authorization. Impact is described as potential remote exploitation wit...
CVE-2025-57140
rsbi-pom 4.7 is vulnerable to SQL Injection in the /bi/service/model/DatasetService path...