Lucene search
+L

810 matches found

ibm
ibm
added 2026/05/19 3:55 p.m.14 views

Security Bulletin: Unauthenticated File Upload Vulnerability Allows Disk Space Exhaustion and Path Disclosure in Langflow OSS

Summary Unauthenticated users can upload unlimited files to the Langflow OSS server via the deprecated /api/v1/upload/flowid endpoint without authentication or validation, leading to potential disk space exhaustion DoS and information disclosure through absolute file path leakage in API responses...

7.5CVSS5.8AI score0.00215EPSS
Exploits0Affected Software1
nvd
nvd
added 2026/05/19 2:16 a.m.17 views

CVE-2026-33232

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions 0.4.2 through 0.6.51 are vulnerable to an unauthenticated Denial of Service DoS through the server due to uncontrolled disk space consumption. The downloadagentfile...

7.5CVSS0.00396EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/05/19 12:35 a.m.11 views

CVE-2026-33232

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions 0.4.2 through 0.6.51 are vulnerable to an unauthenticated Denial of Service DoS through the server due to uncontrolled disk space consumption. The downloadagentfile...

7.5CVSS5.8AI score0.00396EPSS
Exploits0References3Affected Software1
cve
cve
added 2026/05/19 12:35 a.m.26 views

CVE-2026-33232

The CVE-2026-33232 flaw affects AutoGPT Platform (versions 0.4.2–0.6.51). The issue is an unauthenticated DoS caused by the download_agent_file endpoint creating persistent temporary files per request and failing to delete them after serving, enabling an unauthenticated attacker to repeatedly exh...

7.5CVSS5.8AI score0.00396EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/05/19 12:35 a.m.8 views

CVE-2026-33232 AutoGPT: Unauthenticated DoS via Disk Space Exhaustion

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions 0.4.2 through 0.6.51 are vulnerable to an unauthenticated Denial of Service DoS through the server due to uncontrolled disk space consumption. The downloadagentfile...

7.5CVSS5.8AI score0.00396EPSS
Exploits0References2
euvd
euvd
added 2026/05/19 12:35 a.m.16 views

EUVD-2026-30819

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions 0.4.2 through 0.6.51 are vulnerable to an unauthenticated Denial of Service DoS through the server due to uncontrolled disk space consumption. The downloadagentfile...

7.5CVSS5.8AI score0.00396EPSS
Exploits0References2
cvelist
cvelist
added 2026/05/19 12:35 a.m.45 views

CVE-2026-33232 AutoGPT: Unauthenticated DoS via Disk Space Exhaustion

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions 0.4.2 through 0.6.51 are vulnerable to an unauthenticated Denial of Service DoS through the server due to uncontrolled disk space consumption. The downloadagentfile...

7.5CVSS0.00396EPSS
Exploits0References2
osv
osv
added 2026/05/19 12:35 a.m.2 views

CVE-2026-33232 AutoGPT: Unauthenticated DoS via Disk Space Exhaustion

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions 0.4.2 through 0.6.51 are vulnerable to an unauthenticated Denial of Service DoS through the server due to uncontrolled disk space consumption. The downloadagentfile...

7.5CVSS5.9AI score0.00396EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/05/19 12:0 a.m.13 views

PT-2026-41761

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions 0.4.2 through 0.6.51 are vulnerable to an unauthenticated Denial of Service DoS through the server due to uncontrolled disk space consumption. The download agent fil...

7.5CVSS5.8AI score0.00396EPSS
Exploits0References3
nessus
nessus
added 2026/05/14 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-44931

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The newly introduced RecordUsage D-Bus method https://gitlab.freedesktop.org/pwithnall/malcontent/-/blob/0.14.0/libmalcontent-timer/child-timer- service.c in...

5.1CVSS5.6AI score0.0015EPSS
Exploits0References2
nvd
nvd
added 2026/05/13 1:1 p.m.11 views

CVE-2026-44931

The newly introduced RecordUsage D-Bus method https://gitlab.freedesktop.org/pwithnall/malcontent/-/blob/0.14.0/libmalcontent-timer/child-timer-service.c in malcontent-timerd allows arbitrary users in the system to slowly fill up disk space in /var/lib/malcontent-timerd...

5.1CVSS0.0015EPSS
Exploits0References3
cvelist
cvelist
added 2026/05/13 8:30 a.m.46 views

CVE-2026-44931 malcontent: Disk Space Exhaustion via Globally Accessible D-Bus API

The newly introduced RecordUsage D-Bus method https://gitlab.freedesktop.org/pwithnall/malcontent/-/blob/0.14.0/libmalcontent-timer/child-timer-service.c in malcontent-timerd allows arbitrary users in the system to slowly fill up disk space in /var/lib/malcontent-timerd...

5.1CVSS0.0015EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/05/13 8:30 a.m.8 views

CVE-2026-44931

The newly introduced RecordUsage D-Bus method https://gitlab.freedesktop.org/pwithnall/malcontent/-/blob/0.14.0/libmalcontent-timer/child-timer-service.c in malcontent-timerd allows arbitrary users in the system to slowly fill up disk space in /var/lib/malcontent-timerd...

5.1CVSS5.9AI score0.0015EPSS
Exploits0References3Affected Software1
cve
cve
added 2026/05/13 8:30 a.m.19 views

CVE-2026-44931

CVE-2026-44931 affects malcontent-timerd. The newly added RecordUsage D-Bus method in libmalcontent-timer/child-timer-service.c (0.14.0) allows arbitrary system users to slowly exhaust disk space at /var/lib/malcontent-timerd. Metrics show local attack vector with no privileges required and no us...

5.1CVSS5.9AI score0.0015EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/05/13 8:30 a.m.8 views

CVE-2026-44931 malcontent: Disk Space Exhaustion via Globally Accessible D-Bus API

The newly introduced RecordUsage D-Bus method https://gitlab.freedesktop.org/pwithnall/malcontent/-/blob/0.14.0/libmalcontent-timer/child-timer-service.c in malcontent-timerd allows arbitrary users in the system to slowly fill up disk space in /var/lib/malcontent-timerd...

5.1CVSS5.9AI score0.0015EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/05/13 12:0 a.m.12 views

PT-2026-40587

Name of the Vulnerable Software and Affected Versions malcontent version 0.14.0 Description A D-Bus method RecordUsage in malcontent-timerd allows arbitrary system users to exhaust disk space in the /var/lib/malcontent-timerd directory. Recommendations At the moment, there is no information about...

5.1CVSS5.9AI score0.0015EPSS
Exploits0References5
cnnvd
cnnvd
added 2026/05/13 12:0 a.m.12 views

malcontent 安全漏洞

Malcontent is a supply chain attack detection tool developed by Chainguard. Malcontent has a security vulnerability, which stems from the RecordUsage D-Bus method allowing arbitrary users to slowly fill the disk space in the /var/lib/malcontent-timerd directory...

5.1CVSS5.9AI score0.0015EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/05/12 7:38 p.m.11 views

CVE-2026-41685

A flaw was found in Incus, a system container and virtual machine manager. Authenticated users can exploit this vulnerability by uploading a large amount of data, which can exhaust the Incus server's disk space. This can lead to a Denial of Service DoS condition, potentially taking down the host...

4.3CVSS5.7AI score0.00333EPSS
Exploits1References2
cnnvd
cnnvd
added 2026/05/12 12:0 a.m.16 views

OpenTelemetry .NET Contrib 安全漏洞

OpenTelemetry .NET Contrib is an open-source telemetry data collection and processing library developed by OpenTelemetry - CNCF. Versions 1.8.0 to 1.15.2 of OpenTelemetry .NET Contrib contain security vulnerabilities. These vulnerabilities stem from the OTLP disk retry feature being reverted to a...

7.8CVSS5.8AI score0.00108EPSS
Exploits0References1
nvd
nvd
added 2026/05/07 2:16 p.m.21 views

CVE-2026-41685

Incus is a system container and virtual machine manager. Prior to version 7.0.0, uploads of large amount of data by authenticated users can run the Incus server out of disk space, potentially taking down the host system. The impact here is limited for anyone using storage.imagesvolume and...

4.3CVSS0.00333EPSS
Exploits1References2
Rows per page
Query Builder