Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2026/04/04 10:54 p.m.5 views

CVE-2026-22665

prompts.chat prior to commit 1464475, contains an identity confusion vulnerability due to inconsistent case-sensitive and case-insensitive handling of usernames across write and read paths, allowing attackers to create case-variant usernames that bypass uniqueness checks. Attackers can exploit...

8.6CVSS5.8AI score0.00332EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/04/03 8:28 p.m.2 views

CVE-2026-22665 prompts.chat Identity Confusion via Case-Sensitive Username Handling

prompts.chat prior to commit 1464475, contains an identity confusion vulnerability due to inconsistent case-sensitive and case-insensitive handling of usernames across write and read paths, allowing attackers to create case-variant usernames that bypass uniqueness checks. Attackers can exploit...

8.6CVSS5.8AI score0.00332EPSS
Exploits1References3
CVE
CVE
added 2026/04/03 8:28 p.m.15 views

CVE-2026-22665

CVE-2026-22665 affects prompts.chat prior to commit 1464475. The root cause is inconsistent handling of usernames across write and read paths, mixing case-sensitive and case-insensitive comparisons. This identity confusion allows creation of case-variant usernames that bypass uniqueness checks, e...

8.6CVSS5.2AI score0.00332EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/04/03 8:28 p.m.25 views

CVE-2026-22665 prompts.chat Identity Confusion via Case-Sensitive Username Handling

prompts.chat prior to commit 1464475, contains an identity confusion vulnerability due to inconsistent case-sensitive and case-insensitive handling of usernames across write and read paths, allowing attackers to create case-variant usernames that bypass uniqueness checks. Attackers can exploit...

8.6CVSS0.00332EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.4 views

PT-2026-30229

Name of the Vulnerable Software and Affected Versions prompts.chat versions prior to commit 1464475 Description prompts.chat is susceptible to an identity confusion issue stemming from inconsistent case sensitivity in username handling during write and read operations. This allows attackers to...

8.6CVSS5.9AI score0.00332EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.21 views

EUVD-2025-14804

Malicious code in bioql PyPI...

8.1CVSS6.4AI score0.00629EPSS
Exploits0References3
Veracode
Veracode
added 2025/04/08 12:0 p.m.10 views

Class Pollution

Mesop is vulnerable to Class Pollution. The vulnerability is due to insecure handling of global variables and class attributes due to the ability of attackers to overwrite them at runtime, leading to potential denial of service, identity confusion, or remote code execution...

8.1CVSS7.9AI score0.00629EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2025/03/27 6:14 p.m.22 views

Mesop Class Pollution vulnerability leads to DoS and Jailbreak attacks

From @jackfromeast and @superboy-zjc: We have identified a class pollution vulnerability in Mesop = 0.14.0 application that allows attackers to overwrite global variables and class attributes in certain Mesop modules during runtime. This vulnerability could directly lead to a denial of service Do...

8.1CVSS6.8AI score0.00629EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2025/03/27 3:16 p.m.38 views

CVE-2025-30358

Mesop is a Python-based UI framework that allows users to build web applications. A class pollution vulnerability in Mesop prior to version 0.14.1 allows attackers to overwrite global variables and class attributes in certain Mesop modules during runtime. This vulnerability could directly lead to...

8.1CVSS0.00629EPSS
Exploits0References2
OSV
OSV
added 2025/03/27 2:49 p.m.15 views

CVE-2025-30358 Mesop Class Pollution vulnerability leads to DoS and Jailbreak attacks

Mesop is a Python-based UI framework that allows users to build web applications. A class pollution vulnerability in Mesop prior to version 0.14.1 allows attackers to overwrite global variables and class attributes in certain Mesop modules during runtime. This vulnerability could directly lead to...

8.1CVSS7.5AI score0.00629EPSS
Exploits0References4
CVE
CVE
added 2025/03/27 2:49 p.m.75 views

CVE-2025-30358

Mesop is a Python-based UI framework. A class pollution vulnerability in Mesop before 0.14.1 allows attackers to overwrite global variables and class attributes at runtime in certain modules, enabling DoS on the server and potential identity confusion (e.g., impersonating assistants or system rol...

8.1CVSS8AI score0.00629EPSS
Exploits0References2
Rows per page
Query Builder