Lucene search
+L

8 matches found

Cvelist
Cvelist
added 2026/06/25 3:51 p.m.32 views

CVE-2026-54029 LibreChat: IDOR in Message Deletion — Incomplete Fix for CVE-2024-41703 Leaves deleteMessages() Without User Filter

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the DELETE /api/messages/:conversationId/:messageId endpoint allows any authenticated user to delete any other user's messages. The validateMessageReq middleware only validates that the conversationId...

5.3CVSS0.00159EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2026/05/19 3:8 a.m.13 views

CVE-2026-25781 kernel_liteos_a has an out-of-bounds write vulnerability

in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS and it cannot be recovered...

8.4CVSS5.8AI score0.00132EPSS
Exploits0References1
CVE
CVE
added 2024/11/19 5:19 p.m.154 views

CVE-2024-53044

The CVE refers to Linux kernel net/sched: sch_api: fix xa_insert() error path in tcf_block_get_ext(). The issue caused by xa_insert() failure when the same block index is used for ingress and egress, leading to an incorrect teardown and an unbound offload path (FLOW_BLOCK_BIND) not being followed...

5.5CVSS6.6AI score0.002EPSS
Exploits0References2Affected Software1
Code423n4
Code423n4
added 2022/05/14 12:0 a.m.10 views

Loss of funds due to beneficiary override to address(0) during transfer

Lines of code Vulnerability details Premiums or proceeds earned after the transfer will accrue to the zero address, instead of to the new vault owner, and the funds will be irrecoverable. Proof of concept vaultBeneficiariesvaultId is overridden to the zero address during transfer: File: Cally.sol...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/05/14 12:0 a.m.9 views

Loss of funds due to premiums and proceeds accruing to address(0) by default

Lines of code Vulnerability details Premiums and proceeds earned will accrue to the zero address by default, instead of the vault owner, and the funds will be irrecoverable. Proof of concept vaultBeneficiariesvaultId is not set during createVault, so any call to getVaultBeneficiary will return...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/11/09 12:0 a.m.10 views

Should a Chainlink aggregator become stuck in a stale state then TwapOracle will become irrecoverably broken

Handle TomFrench Vulnerability details Impact Inability to call consult on the TwapOracle and so calculate the exchange rate between USDV and VADER. Proof of Concept Should any of the Chainlink aggregators used by the TwapOracle becomes stuck in such a state that the check on L143-146 of...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/07/31 12:0 a.m.11 views

Single-step process for critical ownership transfer/renounce is risky

Handle 0xRajeev Vulnerability details Impact The SwappableYieldSource allows owners and asset managers to set/swap/transfer yield sources/funds. As such, the contract ownership plays a critical role in the protocol. Given that AssetManager is derived from Ownable, the ownership management of this...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/06/30 12:0 a.m.11 views

Single-step process for critical ownership transfer

Handle 0xRajeev Vulnerability details Impact The Tracer Perpetuals Factory contract is arguably the most critical contract in the project given that it deploys all the markets. The ownership of this contract is transferred to governance address, i.e. TracerDAO, in the constructor. This critical...

6.9AI score
Exploits0
Rows per page
Query Builder