21 matches found
Deserialization of Untrusted Data
Overview mem0ai is a Long-term memory for AI Agents Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the pickle.load or pickle.dump functions in the mem0/vectorstores/faiss.py file. An attacker can execute arbitrary code by providing crafted input to these...
EUVD-2026-26721
A vulnerability was found in mem0ai mem0 up to 1.0.11. This affects the function pickle.load/pickle.dump of the file mem0/vectorstores/faiss.py. Performing a manipulation results in deserialization. It is possible to initiate the attack remotely. The exploit has been made public and could be used...
CVE-2026-7597
A vulnerability was found in mem0ai mem0 up to 1.0.11. This affects the function pickle.load/pickle.dump of the file mem0/vectorstores/faiss.py. Performing a manipulation results in deserialization. It is possible to initiate the attack remotely. The exploit has been made public and could be used...
CVE-2026-7597 mem0ai mem0 faiss.py pickle.dump deserialization
A vulnerability was found in mem0ai mem0 up to 1.0.11. This affects the function pickle.load/pickle.dump of the file mem0/vectorstores/faiss.py. Performing a manipulation results in deserialization. It is possible to initiate the attack remotely. The exploit has been made public and could be used...
CVE-2026-7597 mem0ai mem0 faiss.py pickle.dump deserialization
A vulnerability was found in mem0ai mem0 up to 1.0.11. This affects the function pickle.load/pickle.dump of the file mem0/vectorstores/faiss.py. Performing a manipulation results in deserialization. It is possible to initiate the attack remotely. The exploit has been made public and could be used...
CVE-2026-7597
The CVE-2026-7597 vulnerability affects mem0ai mem0 up to version 1.0.11, specifically the pickle.load/pickle.dump path in mem0/vector_stores/faiss.py. An attacker can trigger deserialization remotely via manipulation of pickle operations. Public exploit details exist per the sources. The patch i...
mem0 输入验证错误漏洞
mem0 is an efficient memory algorithm benchmarking tool open-sourced by Mem0. An input validation error vulnerability exists in mem0 1.0.11 and earlier versions, which stems from improper manipulation of the pickle.load/pickle.dump functions in the mem0/vectorstores/faiss.py file, which could lea...
PT-2026-36549
Name of the Vulnerable Software and Affected Versions mem0ai mem0 versions prior to 1.0.12 Description An unsafe deserialization issue exists in the pickle.load and pickle.dump functions within the mem0/vector stores/faiss.py file. This allows a remote attacker to perform a manipulation that...
GHSA-W6V6-49GH-MC9W Flowise: Path Traversal in Vector Store basePath
Summary The Faiss and SimpleStore LlamaIndex vector store implementations accept a basePath parameter from user-controlled input and pass it directly to filesystem write operations without any sanitization. An authenticated attacker can exploit this to write vector store data to arbitrary locatio...
Flowise: Path Traversal in Vector Store basePath
Summary The Faiss and SimpleStore LlamaIndex vector store implementations accept a basePath parameter from user-controlled input and pass it directly to filesystem write operations without any sanitization. An authenticated attacker can exploit this to write vector store data to arbitrary locatio...
Directory Traversal
Overview flowise-components is a Flowiseai Components Affected versions of this package are vulnerable to Directory Traversal via the vector store path handling in Faiss.ts and SimpleStore.ts. An attacker can read from or write to unintended filesystem locations by supplying a crafted basePath wh...
CVE-2026-3357
IBM Langflow Desktop 1.6.0 through 1.8.2 Langflow could allow an authenticated user to execute arbitrary code on the system, caused by an insecure default setting which permits the deserialization of untrusted data in the FAISS component...
CVE-2026-3357
IBM Langflow Desktop 1.6.0–1.8.2 contains a deserialization flaw in its FAISS Vector Store component that allows an authenticated user to achieve arbitrary code execution by uploading a crafted Python Pickle file. The vulnerability stems from unsafe default behavior that loads untrusted data, gra...
CVE-2026-3357 IBM Langflow Desktop FAISS Vector Store Remote Code Execution via malicious Pickle file
IBM Langflow Desktop 1.6.0 through 1.8.2 Langflow could allow an authenticated user to execute arbitrary code on the system, caused by an insecure default setting which permits the deserialization of untrusted data in the FAISS component...
Security Bulletin: IBM Langflow Desktop FAISS Vector Store Remote Code Execution via malicious Pickle file
Summary IBM Langflow Desktop supports retrieval-augmented generation RAG workflows through its FAISS Vector Store component, which loads persisted vector indexes and associated metadata from disk. A vulnerability in the FAISS component arises from unsafe deserialization of Python Pickle files,...
EUVD-2024-2778
Malicious code in bioql PyPI...
CVE-2024-5998
A vulnerability in the FAISS.deserializefrombytes function of langchain-ai/langchain allows for pickle deserialization of untrusted data. This can lead to the execution of arbitrary commands via the os.system function. The issue affects the latest version of the product...
LangChain pickle deserialization of untrusted data
A vulnerability in the FAISS.deserializefrombytes function of langchain-ai/langchain allows for pickle deserialization of untrusted data. This can lead to the execution of arbitrary commands via the os.system function. The issue affects versions prior to 0.2.4...
GHSA-F2JM-RW3H-6PHG LangChain pickle deserialization of untrusted data
A vulnerability in the FAISS.deserializefrombytes function of langchain-ai/langchain allows for pickle deserialization of untrusted data. This can lead to the execution of arbitrary commands via the os.system function. The issue affects versions prior to 0.2.4...
CVE-2024-5998
Technical details for CVE-2024-5998 (LangChain FAISS deserialize_from_bytes) are not provided in the connected documents. Monitor official advisories for affected versions, impact, and fixes.