CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-0089

Malicious code in bioql PyPI...

9.8CVSS5.4AI score0.02002EPSS

Exploits2References6

RedhatCVE•added 2025/05/23 9:51 a.m.•5 views

CVE-2024-7042

A vulnerability in the GraphCypherQAChain class of langchain-ai/langchainjs versions 0.2.5 and all versions with this class allows for prompt injection, leading to SQL injection. This vulnerability permits unauthorized data manipulation, data exfiltration, denial of service DoS by deleting all...

9.8CVSS9.6AI score0.00062EPSS

Exploits1References1

Tenable Nessus•added 2025/01/08 12:0 a.m.•13 views

LangChain < 0.2.5 SQLi through Prompt Injection

The version of LangChain installed on the remote host is prior to 0.2.5. It is, therefore, affected by a vulnerability in the GraphCypherQAChain class which allows for SQL injection through prompt injection. This vulnerability can lead to unauthorized data manipulation, data exfiltration, denial ...

9.8CVSS6.2AI score0.02002EPSS

Exploits2References3

OSV•added 2024/10/29 3:32 p.m.•11 views

GHSA-45PG-36P6-83V9 Langchain SQL Injection vulnerability

A vulnerability in the GraphCypherQAChain class of langchain-ai/langchain version 0.2.5 allows for SQL injection through prompt injection. This vulnerability can lead to unauthorized data manipulation, data exfiltration, denial of service DoS by deleting all data, breaches in multi-tenant securit...

4.9CVSS7.8AI score0.02002EPSS

Exploits2References6

Github Security Blog•added 2024/10/29 3:32 p.m.•22 views

Langchain SQL Injection vulnerability

9.8CVSS9.9AI score0.02002EPSS

Exploits2References6Affected Software2

OSV•added 2024/10/29 3:32 p.m.•16 views

GHSA-6M59-8FMV-M5F9 @langchain/community SQL Injection vulnerability

4.9CVSS7.5AI score0.00062EPSS

Exploits1References5

RedhatCVE•added 2024/10/29 2:56 p.m.•12 views

CVE-2024-8309

4.9CVSS8.6AI score0.02002EPSS

Exploits2References6

NVD•added 2024/10/29 1:15 p.m.•14 views

CVE-2024-7042

9.8CVSS0.00062EPSS

Exploits1References2

CVE•added 2024/10/29 12:50 p.m.•71 views

CVE-2024-8309

Technical details for CVE-2024-8309 are not provided in the supplied documents. Public information appears limited to high‑level description. Monitor for updates and refer to primary sources for affected versions and fixes.

9.8CVSS6.2AI score0.02002EPSS

Exploits2References2Affected Software1

Vulnrichment•added 2024/10/29 12:50 p.m.•15 views

CVE-2024-8309 SQL Injection in langchain-ai/langchain

4.9CVSS8.5AI score0.02002EPSS

Exploits2References2

Cvelist•added 2024/10/29 12:50 p.m.•15 views

CVE-2024-8309 SQL Injection in langchain-ai/langchain

4.9CVSS0.02002EPSS

Exploits2References2

Cvelist•added 2024/10/29 12:50 p.m.•16 views

CVE-2024-7042 Prompt Injection in langchain-ai/langchainjs Leading to SQL Injection

4.9CVSS0.00062EPSS

Exploits1References2

CVE•added 2024/10/29 12:50 p.m.•291 views

CVE-2024-7042

Technical details about CVE-2024-7042 are not present in the provided connected documents. Public details are limited to the Initial Description. Monitor for updates and vendor advisories for affected LangChainJS versions and remediation.

9.8CVSS5.9AI score0.00062EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2024/10/29 12:50 p.m.•11 views

CVE-2024-7042 Prompt Injection in langchain-ai/langchainjs Leading to SQL Injection

4.9CVSS7.8AI score0.00062EPSS

Exploits1References2

GitLab Advisory Database•added 2021/09/01 12:0 a.m.•19 views

Weak Password Recovery Mechanism for Forgotten Password

Akaunting version 2.1.12 and earlier suffers from a password reset spoofing vulnerability, wherein an attacker can proxy password reset requests through a running Akaunting instance, if that attacker knows the target's e-mail address. This issue was fixed in version 2.1.13 of the product. Please...

8.1CVSS2.8AI score0.00325EPSS

Exploits1References6Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by