Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

86 matches found

NVD
NVDadded 3 days ago13 views

CVE-2026-12770

A vulnerability was determined in BerriAI litellm up to 1.63.1. The impacted element is an unknown function of the file litellm/proxy/managementendpoints/keymanagementendpoints.py of the component Admin Key Handler. This manipulation causes improper authorization. The attack can be initiated...

5.5CVSS0.0024EPSS
Exploits0References7
ATTACKERKB
ATTACKERKBadded 3 days ago5 views

CVE-2026-12770

A vulnerability was determined in BerriAI litellm up to 1.63.1. The impacted element is an unknown function of the file litellm/proxy/managementendpoints/keymanagementendpoints.py of the component Admin Key Handler. This manipulation causes improper authorization. The attack can be initiated...

5.5CVSS5.5AI score0.0024EPSS
Exploits0References7Affected Software1
CVE
CVEadded 3 days ago24 views

CVE-2026-12770

CVE-2026-12770 affects BerriAI litellm up to version 1.63.1. The vulnerability resides in an unknown function within litellm/proxy/management_endpoints/key_management_endpoints.py, in the Admin Key Handler component, causing improper authorization. It is exploitable remotely, and public exploitat...

5.5CVSS5.5AI score0.0024EPSS
Exploits0References7
Cvelist
Cvelistadded 3 days ago35 views

CVE-2026-12770 BerriAI litellm Admin Key key_management_endpoints.py improper authorization

A vulnerability was determined in BerriAI litellm up to 1.63.1. The impacted element is an unknown function of the file litellm/proxy/managementendpoints/keymanagementendpoints.py of the component Admin Key Handler. This manipulation causes improper authorization. The attack can be initiated...

5.5CVSS0.0024EPSS
Exploits0References7
EUVD
EUVDadded 3 days ago7 views

EUVD-2026-38136

A vulnerability was determined in BerriAI litellm up to 1.63.1. The impacted element is an unknown function of the file litellm/proxy/managementendpoints/keymanagementendpoints.py of the component Admin Key Handler. This manipulation causes improper authorization. The attack can be initiated...

5.5CVSS5.5AI score0.0024EPSS
Exploits0References7
NVD
NVDadded 2026/06/15 10:16 p.m.14 views

CVE-2026-48713

Versions prior to 2.6.6 are vulnerable to prototype pollution via crafted missing-key strings when used to persist missing translation keys e.g. via i18next-http-middleware's missingKeyHandler exposed to untrusted input. Backend.writeFile splits each queued missing-key string on the configured...

9.1CVSS0.00419EPSS
Exploits0References2
EUVD
EUVDadded 2026/06/15 8:41 p.m.7 views

EUVD-2026-37006

i18next-http-middleware is a middleware to be used with Node.js web frameworks like express or Fastify and also for Deno. In versions prior to 3.9.7, the missingKeyHandler blocked the literal request-body keys proto, constructor, and prototype added in 3.9.3, see GHSA-5fgg-jcpf-8jjw, but did not...

9.1CVSS5.3AI score0.00419EPSS
Exploits0References2
CVE
CVEadded 2026/06/15 8:41 p.m.11 views

CVE-2026-48714

The CVE-2026-48714 issue affects i18next-http-middleware prior to 3.9.7. The missingKeyHandler can accept request-body keys like proto , constructor, and prototype (and similar dotted variants) and, when downstream backends such as i18next-fs-backend ≤ 2.6.5 split on keySeparator, passes them to ...

9.1CVSS5.4AI score0.00419EPSS
Exploits0References2Affected Software1
EUVD
EUVDadded 2026/06/15 8:31 p.m.5 views

EUVD-2026-37005

Versions prior to 2.6.6 are vulnerable to prototype pollution via crafted missing-key strings when used to persist missing translation keys e.g. via i18next-http-middleware's missingKeyHandler exposed to untrusted input. Backend.writeFile splits each queued missing-key string on the configured...

9.1CVSS5.4AI score0.00419EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/06/15 12:0 a.m.13 views

PT-2026-49528

Name of the Vulnerable Software and Affected Versions i18next versions prior to 2.6.6 Description Prototype pollution occurs via crafted missing-key strings when used to persist missing translation keys. This happens when the Backend.writeFile function splits queued missing-key strings using the...

9.1CVSS5.9AI score0.00419EPSS
Exploits0References7
RedhatCVE
RedhatCVEadded 2026/06/05 7:48 p.m.8 views

CVE-2026-10783

A security flaw has been discovered in gradio-app gradio 6.14.0. This affects the function saveaudiotocache of the component Audio Cache Key Handler. Performing a manipulation results in use of weak hash. The attack must be initiated from a local position. The attack is considered to have high...

2.5CVSS4.6AI score0.00106EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/06/05 7:48 p.m.7 views

CVE-2026-10812

A vulnerability was detected in zilliztech GPTCache up to 0.1.44. Affected by this issue is the function BufferedReader.peek of the file gptcache/processor/pre.py of the component Cache Key Handler. Performing a manipulation of the argument inputdata"image" results in use of weak hash. The attack...

3.6CVSS4.8AI score0.00075EPSS
Exploits0References1
NVD
NVDadded 2026/06/04 3:16 p.m.10 views

CVE-2026-10812

A vulnerability was detected in zilliztech GPTCache up to 0.1.44. Affected by this issue is the function BufferedReader.peek of the file gptcache/processor/pre.py of the component Cache Key Handler. Performing a manipulation of the argument inputdata"image" results in use of weak hash. The attack...

3.6CVSS0.00075EPSS
Exploits0References7
Cvelist
Cvelistadded 2026/06/04 2:15 p.m.36 views

CVE-2026-10812 zilliztech GPTCache Cache Key pre.py BufferedReader.peek weak hash

A vulnerability was detected in zilliztech GPTCache up to 0.1.44. Affected by this issue is the function BufferedReader.peek of the file gptcache/processor/pre.py of the component Cache Key Handler. Performing a manipulation of the argument inputdata"image" results in use of weak hash. The attack...

3.6CVSS0.00075EPSS
Exploits0References7
Vulnrichment
Vulnrichmentadded 2026/06/04 2:15 p.m.7 views

CVE-2026-10812 zilliztech GPTCache Cache Key pre.py BufferedReader.peek weak hash

A vulnerability was detected in zilliztech GPTCache up to 0.1.44. Affected by this issue is the function BufferedReader.peek of the file gptcache/processor/pre.py of the component Cache Key Handler. Performing a manipulation of the argument inputdata"image" results in use of weak hash. The attack...

3.6CVSS5.1AI score0.00075EPSS
Exploits0References7
CVE
CVEadded 2026/06/04 2:15 p.m.17 views

CVE-2026-10812

CVE-2026-10812 affects zilliztech GPTCache up to 0.1.44. The vulnerability concerns the function BufferedReader.peek in gptcache/processor/pre.py within the Cache Key Handler. By manipulating input_data["image"], a weak hash is used. Exploitation is described as local, high complexity, and public...

3.6CVSS5.1AI score0.00075EPSS
Exploits0References7
OSV
OSVadded 2026/06/04 12:16 a.m.6 views

PYSEC-2026-211

A security flaw has been discovered in gradio-app gradio 6.14.0. This affects the function saveaudiotocache of the component Audio Cache Key Handler. Performing a manipulation results in use of weak hash. The attack must be initiated from a local position. The attack is considered to have high...

2.5CVSS4AI score0.00106EPSS
Exploits1References7
CNNVD
CNNVDadded 2026/06/04 12:0 a.m.3 views

GPTCache 安全漏洞

GPTCache is a library open-sourced by Zilliz for creating semantic caching for large model queries. Versions of GPTCache 0.1.44 and earlier contain security vulnerabilities. These vulnerabilities stem from the use of a weak hash function in the BufferedReader.peek function of the Cache Key Handle...

3.6CVSS4.9AI score0.00075EPSS
Exploits0References7
Positive Technologies
Positive Technologiesadded 2026/06/03 12:0 a.m.9 views

PT-2026-46072

Name of the Vulnerable Software and Affected Versions gradio-app gradio version 6.14.0 Description A security flaw exists in the Audio Cache Key Handler component. Specifically, the save audio to cache function uses a weak hash, which can be manipulated. This issue requires a local position for...

2.5CVSS4.4AI score0.00106EPSS
Exploits1References12
Tenable Nessus
Tenable Nessusadded 2026/05/11 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-5246

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mgtlsverifycertsignature of the file mongoose.c of the component P-384...

8.1CVSS5.2AI score0.00622EPSS
Exploits0References3
Rows per page
Query Builder