3 matches found
CVE-2026-41481
CVE-2026-41481 affects LangChain’s HTMLHeaderTextSplitter.split_text_from_url() prior to 1.1.2. The code validates the initial URL with validate_safe_url(), but then fetches with requests.get() (redirects enabled by default) and does not revalidate redirects, allowing a URL to attacker-controlled...
WordPress ads.txt Guru Connect Plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin ads.txt Guru Connect versions = 1.1.1...
WordPress Advanced All in One Admin Search by WP Spotlight plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Thi Huyen Trang - Skalucy in WordPress Plugin Advanced All in One Admin Search by WP Spotlight versions = 1.1.1...