12 matches found
EUVD-2025-22156
Malicious code in bioql PyPI...
MAL-2025-36385 Malicious code in test-mlw2-swink-manly-celeb-dippy (npm)
The package test-mlw2-swink-manly-celeb-dippy was found to contain malicious code...
Malicious code in test-mlw2-swink-manly-celeb-dippy (npm)
The package test-mlw2-swink-manly-celeb-dippy was found to contain malicious code...
CVE-2025-51868
Insecure Direct Object Reference IDOR vulnerability in Dippy chat.dippy.ai v2 allows attackers to gain sensitive information via the conversationid parameter to the conversationhistory endpoint...
CVE-2025-51868
Insecure Direct Object Reference IDOR vulnerability in Dippy chat.dippy.ai v2 allows attackers to gain sensitive information via the conversationid parameter to the conversationhistory endpoint...
CVE-2025-51868
Insecure Direct Object Reference IDOR vulnerability in Dippy chat.dippy.ai v2 allows attackers to gain sensitive information via the conversationid parameter to the conversationhistory endpoint...
PT-2025-30339 · Dippy · Dippy
Name of the Vulnerable Software and Affected Versions: Dippy version 2 Description: An Insecure Direct Object Reference IDOR vulnerability exists in Dippy that allows attackers to gain sensitive information. The vulnerability is present in the conversation history API endpoint and is exploitable...
CVE-2025-51868
CVE-2025-51868 describes an Insecure Direct Object Reference (IDOR) in Dippy v2. An attacker can access sensitive information through the conversation_id parameter of the conversation_history endpoint, leading to disclosure of other users’ conversation histories. Affected: Dippy version 2 (chat.d...
Dippy 安全漏洞
Dippy is an AI chat site from Dippy Inc. A security vulnerability exists in Dippy version v2, which stems from improper access control of the conversationid parameter and could lead to the disclosure of sensitive information...
CVE-2025-51868
Insecure Direct Object Reference IDOR vulnerability in Dippy chat.dippy.ai v2 allows attackers to gain sensitive information via the conversationid parameter to the conversationhistory endpoint...
Malicious code in dippy (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware af70946fdaf395b54bd0c8aba760c2cf4f74450a051e4329e81faffc9285d74b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-2475 Malicious code in dippy (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware af70946fdaf395b54bd0c8aba760c2cf4f74450a051e4329e81faffc9285d74b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...