Lucene search
K

1444 matches found

CVE
CVE
added yesterday7 views

CVE-2026-61646

FastGPT before 4.15.0-beta5 has an SSRF flaw in its shared guard: it validates only the initial request URL and then passes the request to axios, which follows redirects. An authenticated workflow user can configure an HTTP request node to reach attacker-controlled public URLs that redirect to in...

6.3CVSS6.1AI score
Exploits0References2
CVE
CVE
added yesterday4 views

CVE-2026-61644

FastGPT contains a cross-tenant data disclosure in POST /api/core/chat/record/getCollectionQuote. From 4.14.17 through 4.15.0-beta5, the initialId center-node lookup is not bound to the caller’s authenticated chat/collection context, allowing a low-privileged tenant to supply attacker-owned appId...

7.7CVSS6.1AI score
Exploits0References4
Cvelist
Cvelist
added yesterday7 views

CVE-2026-61644 FastGPT: /api/core/chat/record/getCollectionQuote can disclose cross-tenant dataset text due to an unbound initialId lookup

FastGPT is a knowledge-based AI application platform. From 4.14.17 until 4.15.0-beta5, the POST /api/core/chat/record/getCollectionQuote endpoint authenticates the caller's chat and collection context, but the initialId center-node lookup is not bound to that authorized context. A low-privileged...

7.7CVSS
Exploits0References4
EUVD
EUVD
added yesterday4 views

EUVD-2026-44677

FastGPT is a knowledge-based AI application platform. From 4.14.17 until 4.15.0-beta5, the POST /api/core/chat/record/getCollectionQuote endpoint authenticates the caller's chat and collection context, but the initialId center-node lookup is not bound to that authorized context. A low-privileged...

7.7CVSS6.1AI score
Exploits0References4
CVE
CVE
added 2 days ago9 views

CVE-2026-10051

CVE-2026-10051 concerns Eclipse Jetty: the first HTTP/1.1 request with trailers is retained on the same connection, making subsequent requests either report the first request’s trailers or their union with the current request. This implies a potential confidentiality impact on trailer data (per C...

7.5CVSS6.1AI score0.00253EPSS
Exploits1References1Affected Software1
SUSE CVE
SUSE CVE
added last week8 views

SUSE CVE-2026-14740

DBI versions before 1.650 for Perl read one byte out-of-bounds in preparse when deleting an initial SQL comment. The preparse method normalises SQL and removes comments. When the SQL starts with a comment line, the deletion of that line during normalisation led to an out-of-bounds read by one byt...

6.5CVSS6.1AI score0.00407EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/07/08 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-14740

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DBI versions before 1.650 for Perl read one byte out-of-bounds in preparse when deleting an initial SQL comment. The preparse method normalises SQL and removes...

9.1CVSS6.2AI score0.00407EPSS
Exploits0References4
OSV
OSV
added 2026/07/07 11:16 p.m.4 views

DEBIAN-CVE-2026-14740

DBI versions before 1.650 for Perl read one byte out-of-bounds in preparse when deleting an initial SQL comment. The preparse method normalises SQL and removes comments. When the SQL starts with a comment line, the deletion of that line during normalisation led to an out-of-bounds read by one byt...

9.1CVSS6AI score0.00407EPSS
Exploits0References1
NVD
NVD
added 2026/07/07 11:16 p.m.8 views

CVE-2026-14740

DBI versions before 1.650 for Perl read one byte out-of-bounds in preparse when deleting an initial SQL comment. The preparse method normalises SQL and removes comments. When the SQL starts with a comment line, the deletion of that line during normalisation led to an out-of-bounds read by one byt...

9.1CVSS0.00407EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/07/07 10:5 p.m.6 views

CVE-2026-14740

DBI versions before 1.650 for Perl read one byte out-of-bounds in preparse when deleting an initial SQL comment. The preparse method normalises SQL and removes comments. When the SQL starts with a comment line, the deletion of that line during normalisation led to an out-of-bounds read by one byt...

6AI score0.00407EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/07 10:5 p.m.31 views

CVE-2026-14740 DBI versions before 1.650 for Perl read one byte out-of-bounds in preparse when deleting an initial SQL comment

DBI versions before 1.650 for Perl read one byte out-of-bounds in preparse when deleting an initial SQL comment. The preparse method normalises SQL and removes comments. When the SQL starts with a comment line, the deletion of that line during normalisation led to an out-of-bounds read by one byt...

0.00407EPSS
Exploits0References3
CVE
CVE
added 2026/07/07 10:5 p.m.15 views

CVE-2026-14740

DBI for Perl before 1.650 is affected by CVE-2026-14740. The vulnerability is rooted in the preparse() function, where deleting an initial SQL comment during SQL normalization causes an out-of-bounds read by one byte. Impact is a fault on memory-hardened builds and nondeterministic newline retent...

9.1CVSS6AI score0.00407EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/07/07 10:5 p.m.3 views

CVE-2026-14740 DBI versions before 1.650 for Perl read one byte out-of-bounds in preparse when deleting an initial SQL comment

DBI versions before 1.650 for Perl read one byte out-of-bounds in preparse when deleting an initial SQL comment. The preparse method normalises SQL and removes comments. When the SQL starts with a comment line, the deletion of that line during normalisation led to an out-of-bounds read by one byt...

9.1CVSS6.1AI score0.00407EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.11 views

PT-2026-56274

Name of the Vulnerable Software and Affected Versions DBI versions prior to 1.650 Description An out-of-bounds read of one byte occurs in the preparse function when deleting an initial SQL comment. This happens during the normalization of SQL and the removal of comments. On memory-hardened builds...

9.1CVSS6AI score0.00407EPSS
Exploits0References16
NVD
NVD
added 2026/07/02 8:17 p.m.7 views

CVE-2026-59101

AutoBangumi before 3.2.8 contains a server-side request forgery SSRF vulnerability that allows unauthenticated remote attackers to probe internal network services by supplying arbitrary host values to an unprotected setup endpoint. Attackers can send requests to the POST...

6.9CVSS0.00321EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/02 4:6 p.m.36 views

CVE-2026-54887 DTLS server cookie bypass during startup window due to empty initial cookie secret

Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtlsserverconnection:initialhello/3 initializes previouscookiesecret to the empty...

6.3CVSS0.00243EPSS
Exploits0References5
CVE
CVE
added 2026/07/02 4:6 p.m.15 views

CVE-2026-54887

CVE-2026-54887 concerns Erlang/OTP's DTLS server in ssl, where during startup the cookie secret is initialized to an empty binary instead of a random value. This makes DTLS cookie computation deterministic for the first 0–15 seconds, allowing an observer of plaintext ClientHello to forge a valid ...

6.3CVSS5.8AI score0.00243EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2026/07/02 4:6 p.m.3 views

EEF-CVE-2026-54887 DTLS server cookie bypass during startup window due to empty initial cookie secret

Summary Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtls\server\connection:initial\hello/3 initializes previous\cookie\secret...

6.3CVSS5.8AI score0.00243EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.12 views

PT-2026-55455

Name of the Vulnerable Software and Affected Versions Kiwi TCMS affected versions not specified Description The /init-db/ endpoint, used for initial database setup via a browser, remains accessible and responds to requests even after the initial setup is complete. This endpoint does not require...

6.9CVSS6.1AI score0.00048EPSS
Exploits0References7
OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-495 pyLoad: SSRF filter bypass via HTTP redirect in BaseDownloader (Incomplete fix for CVE-2026-33992)

Summary The fix for CVE-2026-33992 GHSA-m74m-f7cr-432x added IP validation to BaseDownloader.download that checks the hostname of the initial download URL. However, pycurl is configured with FOLLOWLOCATION=1 and MAXREDIRS=10, causing it to automatically follow HTTP redirects. Redirect targets are...

9.3CVSS5.8AI score0.00397EPSS
Exploits2References7
Rows per page
Query Builder