Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2026/05/12 7:39 p.m.10 views

CVE-2026-44218 ciguard: Container image runs as root (no USER directive)

ciguard is a static security auditor for CI/CD pipelines. From 0.1.0 to 0.8.1, the published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. This vulnerability is fixed in 0.8.2...

3CVSS5.8AI score0.00122EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 7:39 p.m.37 views

CVE-2026-44218 ciguard: Container image runs as root (no USER directive)

ciguard is a static security auditor for CI/CD pipelines. From 0.1.0 to 0.8.1, the published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. This vulnerability is fixed in 0.8.2...

3CVSS0.00122EPSS
Exploits0References1
OSV
OSV
added 2026/01/07 9:1 p.m.5 views

CVE-2025-69221 LibreChat has Insufficient Access Control for Agent Permission Queries

LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 does not enforce proper access control when querying agent permissions. An authenticated attacker can read the permissions of arbitrary agents, even if they have no permissions for this agent. LibreChat allows the...

4.3CVSS6.6AI score0.00235EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/01/07 8:49 p.m.26 views

CVE-2025-69220 LibreChat has Insufficient Access Control for Agent Files

LibreChat is a ChatGPT clone with additional features. Version 0.8.1-rc2 does not enforce proper access control for file uploads to an agents file context and file search. An authenticated attacker with access to the agent ID can change the behavior of arbitrary agents by uploading new files to t...

7.1CVSS0.00282EPSS
Exploits1References8
Rows per page
Query Builder