Lucene search
K

12190 matches found

Positive Technologies
Positive Technologies
added 2026/05/24 12:0 a.m.15 views

PT-2026-42933

A flaw has been found in ItzCrazyKns Vane up to 1.12.1. This vulnerability affects unknown code of the file src/app/api/providers/route.ts of the component Model Provider API. This manipulation of the argument baseURL causes server-side request forgery. Remote exploitation of the attack is...

7.5CVSS6.7AI score0.00278EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/24 12:0 a.m.11 views

Vane 代码问题漏洞

Vane is a privacy-oriented AI chat engine developed by Kushagra Srivastava. It supports both local and cloud models. Versions of Vane prior to 1.12.1 contained code vulnerabilities. These vulnerabilities stemmed from unknown code in the Model Provider API component’s file...

7.5CVSS7.2AI score0.00278EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/24 12:0 a.m.14 views

PT-2026-42943

Name of the Vulnerable Software and Affected Versions HuggingFace transformers versions prior to 5.3.0 Description A critical remote code execution issue exists where an attacker can craft a malicious config.json file. By setting the attn implementation internal variable to an attacker-controlled...

7.8CVSS7.8AI score0.00479EPSS
Exploits1References25
Veracode
Veracode
added 2026/05/23 5:55 a.m.5 views

Improper Integrity Verification

Amazon SageMaker Python SDK is vulnerable to improper integrity verification. The vulnerability is due to missing integrity verification in the Triton inference handler, which allows an authenticated attacker with S3 write access to replace model artifacts with a specially crafted pickle payload...

7.2CVSS6.5AI score0.0039EPSS
Exploits0References5Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/23 12:0 a.m.15 views

Malicious code in model-switch-router (npm)

Ten packages published by npm user asdxzxc at version 1.0.10 target developers working on AI and LLM tooling. Each package masquerades as a developer utility while executing a two-stage payload triggered via postinstall: package.json → lib/setup.js → lib/worker.js. Credential harvesting:...

6AI score
Exploits0References3
Packet Storm News
Packet Storm News
added 2026/05/23 12:0 a.m.22 views

Reasoning As an Attack Surface: Adaptive Evolutionary CoT Jailbreaks for LLMs

Large Reasoning Models LRMs have demonstrated remarkable capabilities in reasoning and generation tasks and are increasingly deployed in real-world applications. However, their explicit chain-of-thought CoT mechanism introduces new security risks, making them particularly vulnerable to jailbreak...

5.8AI score
Exploits0
OSV
OSV
added 2026/05/23 12:0 a.m.13 views

MAL-2026-4279 Malicious code in model-switch-router (npm)

Ten packages published by npm user asdxzxc at version 1.0.10 target developers working on AI and LLM tooling. Each package masquerades as a developer utility while executing a two-stage payload triggered via postinstall: package.json → lib/setup.js → lib/worker.js. Credential harvesting:...

6AI score
Exploits0References3
CNNVD
CNNVD
added 2026/05/23 12:0 a.m.17 views

New API SQL注入漏洞

The New API is an interface software developed by QuantumNous. Versions of the New API prior to 0.12.1 have a SQL injection vulnerability. This vulnerability originates from the SearchUserTopUps/SearchAllTopUps function in the model/topup.go file of the self Endpoint component, which may lead to...

6.5CVSS6.7AI score0.00192EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/05/22 11:20 p.m.15 views

CVE-2026-8962

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

8.1CVSS5.7AI score0.00372EPSS
Exploits0References5
NVD
NVD
added 2026/05/22 8:16 p.m.14 views

CVE-2026-5843

The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the modelfile configuration field in config.json. When a model's config.json specifies a modelfile pointing to a Python...

8.8CVSS0.00224EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/22 7:28 p.m.9 views

EUVD-2026-31491

The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the modelfile configuration field in config.json. When a model's config.json specifies a modelfile pointing to a Python...

8.8CVSS6.4AI score0.00224EPSS
Exploits0References1
CVE
CVE
added 2026/05/22 7:28 p.m.159 views

CVE-2026-5843

The CVE describes a vulnerability in Docker Model Runner (macOS) where the MLX-LM backend unconditionally imports and executes arbitrary Python files specified by model_file in a model's config.json via importlib, without a trust_remote_code gate or sandboxing. This enables container-to-host arbi...

8.8CVSS6.4AI score0.00224EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/05/22 7:28 p.m.11 views

CVE-2026-5843 Docker Model Runner container-to-host code execution via MLX-LM model_file importlib loading

The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the modelfile configuration field in config.json. When a model's config.json specifies a modelfile pointing to a Python...

8.8CVSS0.00224EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/22 7:28 p.m.9 views

CVE-2026-5843

The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the modelfile configuration field in config.json. When a model's config.json specifies a modelfile pointing to a Python...

8.8CVSS6.4AI score0.00224EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/22 7:28 p.m.11 views

CVE-2026-5843 Docker Model Runner container-to-host code execution via MLX-LM model_file importlib loading

The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the modelfile configuration field in config.json. When a model's config.json specifies a modelfile pointing to a Python...

8.8CVSS6.4AI score0.00224EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/22 7:24 p.m.7 views

CVE-2026-5817 Docker Model Runner container-to-host code execution via unsandboxed trust_remote_code in Python inference backends

The vllm-metal inference backend in Docker Model Runner on macOS unconditionally sets trustremotecode=True when loading model tokenizers, and runs without sandboxing. This causes transformers.AutoTokenizer.frompretrained to import and execute arbitrary Python files included in any model pulled fr...

8.8CVSS6.5AI score0.00224EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/22 7:24 p.m.9 views

CVE-2026-5817 Docker Model Runner container-to-host code execution via unsandboxed trust_remote_code in Python inference backends

The vllm-metal inference backend in Docker Model Runner on macOS unconditionally sets trustremotecode=True when loading model tokenizers, and runs without sandboxing. This causes transformers.AutoTokenizer.frompretrained to import and execute arbitrary Python files included in any model pulled fr...

8.8CVSS0.00224EPSS
Exploits1References1
CVE
CVE
added 2026/05/22 7:24 p.m.31 views

CVE-2026-5817

CVE-2026-5817 affects the vllm-metal backend used by Docker Model Runner on macOS. The backend loads model tokenizers with trust_remote_code=True, causing transformers.AutoTokenizer.from_pretrained() to import and execute arbitrary Python files from models pulled from an OCI registry. This can en...

8.8CVSS6.5AI score0.00224EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2026/05/22 7:24 p.m.12 views

EUVD-2026-31493

The vllm-metal inference backend in Docker Model Runner on macOS unconditionally sets trustremotecode=True when loading model tokenizers, and runs without sandboxing. This causes transformers.AutoTokenizer.frompretrained to import and execute arbitrary Python files included in any model pulled fr...

8.8CVSS6.5AI score0.00224EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/22 7:24 p.m.14 views

CVE-2026-5817

The vllm-metal inference backend in Docker Model Runner on macOS unconditionally sets trustremotecode=True when loading model tokenizers, and runs without sandboxing. This causes transformers.AutoTokenizer.frompretrained to import and execute arbitrary Python files included in any model pulled fr...

8.8CVSS6.5AI score0.00224EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder