Lucene search
K

89 matches found

EUVD
EUVD
added 2026/06/29 12:31 a.m.9 views

EUVD-2026-40004

A vulnerability was detected in volcengine OpenViking up to 0.3.21. This affects the function strtouint64 of the file openviking/storage/vectordb/utils/strtouint64.py of the component Local VectorDB Primary-key Label Handler. The manipulation of the argument ID results in insufficient verificatio...

5CVSS5.5AI score0.00138EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/25 5:28 p.m.11 views

EUVD-2026-37005

i18next-fs-backend vulnerable to prototype pollution via crafted missing-key string...

9.1CVSS5.8AI score0.00419EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 5:28 p.m.9 views

EUVD-2026-37006

i18next-http-middleware: MissingKeyHandler does not reject keys whose segments contain prototype-polluting names...

9.1CVSS5.8AI score0.00419EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/24 8:38 p.m.6 views

CVE-2026-12770

A flaw was found in BerriAI litellm. A remote attacker could exploit an improper authorization vulnerability within the Admin Key Handler component. This could allow the attacker to perform unauthorized actions, leading to limited impacts on data integrity and service availability...

8.8CVSS5.9AI score0.00337EPSS
Exploits1References8
NVD
NVD
added 2026/06/21 1:16 a.m.23 views

CVE-2026-12770

A vulnerability was determined in BerriAI litellm up to 1.63.1. The impacted element is an unknown function of the file litellm/proxy/managementendpoints/keymanagementendpoints.py of the component Admin Key Handler. This manipulation causes improper authorization. The attack can be initiated...

8.8CVSS0.00337EPSS
Exploits1References7
EUVD
EUVD
added 2026/06/21 12:15 a.m.9 views

EUVD-2026-38136

A vulnerability was determined in BerriAI litellm up to 1.63.1. The impacted element is an unknown function of the file litellm/proxy/managementendpoints/keymanagementendpoints.py of the component Admin Key Handler. This manipulation causes improper authorization. The attack can be initiated...

5.5CVSS5.5AI score0.00337EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2026/06/21 12:15 a.m.8 views

CVE-2026-12770

A vulnerability was determined in BerriAI litellm up to 1.63.1. The impacted element is an unknown function of the file litellm/proxy/managementendpoints/keymanagementendpoints.py of the component Admin Key Handler. This manipulation causes improper authorization. The attack can be initiated...

5.5CVSS5.5AI score0.00337EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2026/06/21 12:15 a.m.45 views

CVE-2026-12770 BerriAI litellm Admin Key key_management_endpoints.py improper authorization

A vulnerability was determined in BerriAI litellm up to 1.63.1. The impacted element is an unknown function of the file litellm/proxy/managementendpoints/keymanagementendpoints.py of the component Admin Key Handler. This manipulation causes improper authorization. The attack can be initiated...

5.5CVSS0.00337EPSS
Exploits1References7
CVE
CVE
added 2026/06/21 12:15 a.m.45 views

CVE-2026-12770

The CVE affects litellm (BerriAI) up to version 1.63.1, specifically the Admin Key Handler component and the file litellm/proxy/management_endpoints/key_management_endpoints.py. The root cause is improper authorization caused by manipulation within this endpoint, enabling a remote attacker to exp...

8.8CVSS5.5AI score0.00337EPSS
Exploits1References7Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/21 12:0 a.m.20 views

PT-2026-51182

Name of the Vulnerable Software and Affected Versions litellm versions prior to 1.63.2 Description An improper authorization issue exists in the Admin Key Handler component within the file litellm/proxy/management endpoints/key management endpoints.py. This flaw allows a remote attacker to bypass...

8.8CVSS6.1AI score0.00337EPSS
Exploits1References14
NVD
NVD
added 2026/06/15 10:16 p.m.17 views

CVE-2026-48713

Versions prior to 2.6.6 are vulnerable to prototype pollution via crafted missing-key strings when used to persist missing translation keys e.g. via i18next-http-middleware's missingKeyHandler exposed to untrusted input. Backend.writeFile splits each queued missing-key string on the configured...

9.1CVSS0.00419EPSS
Exploits0References2
CVE
CVE
added 2026/06/15 8:41 p.m.26 views

CVE-2026-48714

The CVE-2026-48714 issue affects i18next-http-middleware prior to 3.9.7. The missingKeyHandler can accept request-body keys like proto , constructor, and prototype (and similar dotted variants) and, when downstream backends such as i18next-fs-backend ≤ 2.6.5 split on keySeparator, passes them to ...

9.1CVSS5.4AI score0.00419EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.24 views

PT-2026-49528

Name of the Vulnerable Software and Affected Versions i18next versions prior to 2.6.6 Description Prototype pollution occurs via crafted missing-key strings when used to persist missing translation keys. This happens when the Backend.writeFile function splits queued missing-key strings using the...

9.1CVSS5.9AI score0.00419EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.11 views

CVE-2026-10783

A security flaw has been discovered in gradio-app gradio 6.14.0. This affects the function saveaudiotocache of the component Audio Cache Key Handler. Performing a manipulation results in use of weak hash. The attack must be initiated from a local position. The attack is considered to have high...

2.5CVSS4.6AI score0.00106EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.11 views

CVE-2026-10812

A vulnerability was detected in zilliztech GPTCache up to 0.1.44. Affected by this issue is the function BufferedReader.peek of the file gptcache/processor/pre.py of the component Cache Key Handler. Performing a manipulation of the argument inputdata"image" results in use of weak hash. The attack...

3.6CVSS4.8AI score0.00075EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 3:16 p.m.13 views

CVE-2026-10812

A vulnerability was detected in zilliztech GPTCache up to 0.1.44. Affected by this issue is the function BufferedReader.peek of the file gptcache/processor/pre.py of the component Cache Key Handler. Performing a manipulation of the argument inputdata"image" results in use of weak hash. The attack...

3.6CVSS0.00075EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/06/04 2:15 p.m.11 views

CVE-2026-10812 zilliztech GPTCache Cache Key pre.py BufferedReader.peek weak hash

A vulnerability was detected in zilliztech GPTCache up to 0.1.44. Affected by this issue is the function BufferedReader.peek of the file gptcache/processor/pre.py of the component Cache Key Handler. Performing a manipulation of the argument inputdata"image" results in use of weak hash. The attack...

3.6CVSS5.1AI score0.00075EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/04 2:15 p.m.40 views

CVE-2026-10812 zilliztech GPTCache Cache Key pre.py BufferedReader.peek weak hash

A vulnerability was detected in zilliztech GPTCache up to 0.1.44. Affected by this issue is the function BufferedReader.peek of the file gptcache/processor/pre.py of the component Cache Key Handler. Performing a manipulation of the argument inputdata"image" results in use of weak hash. The attack...

3.6CVSS0.00075EPSS
Exploits0References7
CVE
CVE
added 2026/06/04 2:15 p.m.28 views

CVE-2026-10812

CVE-2026-10812 affects zilliztech GPTCache up to 0.1.44. The vulnerability concerns the function BufferedReader.peek in gptcache/processor/pre.py within the Cache Key Handler. By manipulating input_data["image"], a weak hash is used. Exploitation is described as local, high complexity, and public...

3.6CVSS5.1AI score0.00075EPSS
Exploits0References7
OSV
OSV
added 2026/06/04 12:16 a.m.9 views

PYSEC-2026-211

A security flaw has been discovered in gradio-app gradio 6.14.0. This affects the function saveaudiotocache of the component Audio Cache Key Handler. Performing a manipulation results in use of weak hash. The attack must be initiated from a local position. The attack is considered to have high...

2.5CVSS4AI score0.00106EPSS
Exploits1References7
Rows per page
Query Builder