EUVD-2026-34997

A weakness has been identified in zilliztech deep-searcher up to 0.0.2. This affects the function CollectionRouter.invoke of the file deepsearcher/agent/collectionrouter.py. This manipulation of the argument kwargs causes improper access controls. Remote exploitation of the attack is possible. Th...

deep-searcher 访问控制错误漏洞

Deep-Searcher is a private data search and intelligent question-answering tool developed by Zilliz, based on large models and VectorDB. Versions of Deep-Searcher 0.0.2 and earlier contain an access control vulnerability. This vulnerability stems from the operation of the CollectionRouter.invoke...

CVE-2018-25270

CVE-2018-25270 affects ThinkPHP 5.0.23. An unauthenticated attacker can trigger remote code execution by abusing invokefunction through the routing parameter in index.php, enabling arbitrary PHP commands with application privileges. Reported impact is high on confidentiality, integrity, and avail...

ThinkPHP Command Execution Vulnerability

Top Thinking Information Technology ThinkPHP is a PHP-based, open source, lightweight Web application development framework from China Top Thinking Information Technology. ThinkPHP3.2.4 previous version used in Open Source BMS v1.1.1 version and other devices in the existence of a command executi...

ThinkPHP 5.x Remote Code Execution

Exploit Title: ThinkPHP 5.x v5.0.23,v5.1.31 Remote Code Execution Date: 2018-12-11 Exploit Author: VulnSpy Vendor Homepage: https://thinkphp.cn Software Link: https://github.com/top-think/framework/ Version: v5.x below v5.0.23,v5.1.31 CVE: N/A Exploit...