Lucene search
+L

5 matches found

OSV
OSV
added 2026/06/23 4:17 p.m.4 views

CVE-2026-55450 Langflow: Unauthenticated file upload leads to DoS (space exhaustion) and information leak

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, unauthenticated users can upload any amount of data to the server without any limitations. No need for any prior knowledge, only network access to Langflow. This can lead to space exhaustion on the...

9.3CVSS6AI score0.00332EPSS
Exploits1References4
OSV
OSV
added 2025/12/04 7:16 p.m.6 views

AZL-71566 CVE-2025-65637 affecting package containerized-data-importer for versions less than 1.55.0-27

A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with "token too long" and the writer pipe is closed, leaving...

7.5CVSS7.3AI score0.00585EPSS
Exploits1References1
OSV
OSV
added 2025/12/04 7:16 p.m.9 views

AZL-71513 CVE-2025-65637 affecting package containerized-data-importer for versions less than 1.62.0-1

A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with "token too long" and the writer pipe is closed, leaving...

7.5CVSS5.8AI score0.00585EPSS
Exploits1References1
Patchstack
Patchstack
added 2024/08/20 12:0 a.m.15 views

WordPress WP Last Modified Info Plugin <= 1.9.0 is vulnerable to Cross Site Scripting (XSS)

Software WP Last Modified Info Type Plugin Vulnerable versions = 1.9.0 Fixed in 1.9.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6864 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 1e374934e79b Credits Webbernaut Require...

6.4CVSS5.8AI score0.00313EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/11/23 12:0 a.m.25 views

WordPress TextMe SMS Plugin <= 1.9.0 is vulnerable to Broken Access Control

Software TextMe SMS Type Plugin Vulnerable versions = 1.9.0 Fixed in 1.9.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48287 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 91f657366fb1 Credits Arvandy Required privilege...

6.9AI score0.00457EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder