128 matches found
Hijacking Agent Memory: Stealthy Trojan Attacks through Conversational Interaction
Large language model LLM agents increasingly leverage long term memory to support persistent and autonomous task execution. However, this capability also introduces a new attack surface: memory poisoning, where adversaries can inject malicious information to influence future behavior. Existing...
Chatwoot SQL注入漏洞
Chatwoot is an open-source application developed by Chatwoot itself. It serves as an alternative to proprietary solutions such as customer engagement suites, intercom systems, Zendesk, and Salesforce service clouds. Versions of Chatwoot from 2.2.0 to 4.11.2 contained a SQL injection vulnerability...
EUVD-2026-27390
A flaw has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. This issue affects the function PIL.Image.tobytes of the file libs/chatchat-server/chatchat/webuipages/dialogue/dialogue.py of the component Vision Chat Paste Image Handler. This manipulation of the argument...
CVE-2026-7845
A flaw has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. This issue affects the function PIL.Image.tobytes of the file libs/chatchat-server/chatchat/webuipages/dialogue/dialogue.py of the component Vision Chat Paste Image Handler. This manipulation of the argument...
CVE-2026-7845
The CVE-2026-7845 issue affects chatchat-space Langchain-Chatchat (up to 0.3.1.3). It targets the Vision Chat Paste Image Handler: the function PIL.Image.tobytes in libs/chatchat-server/chatchat/webui_pages/dialogue/dialogue.py, via manipulation of paste_image.image_data, leads to the use of a we...
CVE-2026-7845 chatchat-space Langchain-Chatchat Vision Chat Paste Image dialogue.py PIL.Image.tobytes weak hash
A flaw has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. This issue affects the function PIL.Image.tobytes of the file libs/chatchat-server/chatchat/webuipages/dialogue/dialogue.py of the component Vision Chat Paste Image Handler. This manipulation of the argument...
ContextualJailbreak: Evolutionary Red-Teaming Via Simulated Conversational Priming
Large language models LLMs remain vulnerable to jailbreak attacks that bypass safety alignment and elicit harmful responses. A growing body of work shows that contextual priming, where earlier turns covertly bias later replies, constitutes a powerful attack surface, with hand-crafted multi-turn...
Astra Linux - уязвимость в chromium
The use of "after free" in Window Dialogs in Google Chrome before version 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
VMware Spring AI 访问控制错误漏洞
VMware Spring AI is a development framework by the American company VMware, which integrates artificial intelligence and large language model capabilities into the Spring ecosystem. VMware Spring AI has a access control vulnerability; this vulnerability stems from injecting filter logic through...
CVE-2026-5455
A vulnerability was determined in Dialogue App up to 4.3.2 on Android. The affected element is an unknown function of the file file res/raw/config.json of the component ca.diagram.dialogue. Executing a manipulation of the argument SEGMENTWRITEKEY can lead to use of hard-coded cryptographic key...
EUVD-2026-18603
A vulnerability was determined in Dialogue App up to 4.3.2 on Android. The affected element is an unknown function of the file file res/raw/config.json of the component ca.diagram.dialogue. Executing a manipulation of the argument SEGMENTWRITEKEY can lead to use of hard-coded cryptographic key...
CVE-2026-5455
A vulnerability was determined in Dialogue App up to 4.3.2 on Android. The affected element is an unknown function of the file file res/raw/config.json of the component ca.diagram.dialogue. Executing a manipulation of the argument SEGMENTWRITEKEY can lead to use of hard-coded cryptographic key...
CVE-2026-5455
A vulnerability was determined in Dialogue App up to 4.3.2 on Android. The affected element is an unknown function of the file file res/raw/config.json of the component ca.diagram.dialogue. Executing a manipulation of the argument SEGMENTWRITEKEY can lead to use of hard-coded cryptographic key...
CVE-2026-5455 Dialogue App ca.diagram.dialogue config.json hard-coded key
A vulnerability was determined in Dialogue App up to 4.3.2 on Android. The affected element is an unknown function of the file file res/raw/config.json of the component ca.diagram.dialogue. Executing a manipulation of the argument SEGMENTWRITEKEY can lead to use of hard-coded cryptographic key...
CVE-2026-5455
CVE-2026-5455 affects Dialogue App up to version 4.3.2 on Android. The vulnerable element is an unknown function in file res/raw/config.json of the ca.diagram.dialogue component. Manipulation of the argument SEGMENT_WRITE_KEY can lead to use of a hard-coded cryptographic key. The attack is local-...
CVE-2026-5455 Dialogue App ca.diagram.dialogue config.json hard-coded key
A vulnerability was determined in Dialogue App up to 4.3.2 on Android. The affected element is an unknown function of the file file res/raw/config.json of the component ca.diagram.dialogue. Executing a manipulation of the argument SEGMENTWRITEKEY can lead to use of hard-coded cryptographic key...
PT-2026-29989
A vulnerability was determined in Dialogue App up to 4.3.2 on Android. The affected element is an unknown function of the file file res/raw/config.json of the component ca.diagram.dialogue. Executing a manipulation of the argument SEGMENT WRITE KEY can lead to use of hard-coded cryptographic key...
Dialogue App 安全漏洞
Dialogue App is an artificial intelligence dialogue application developed by Dialogue Company. Versions of Dialogue App 4.3.2 and earlier contained security vulnerabilities, which were caused by the use of a hardcoded encryption key for the parameter SEGMENTWRITEKEY...
Red Hat Ansible Automation Platform 2 安全漏洞
Red Hat Ansible Automation Platform 2 is software developed by Red Hat Inc. It is used for building, deploying, and managing automation processes. There is a security vulnerability in Red Hat Ansible Automation Platform 2. This vulnerability stems from the dialogue endpoints that handle AI chat...
EUVD-2002-0714
Malware in sbrugna...