12 matches found
nanobot 安全漏洞
Nanobot is a lightweight personal AI assistant open-source by Data Intelligence Lab@HKU. Versions of Nanobot prior to 0.1.6 contained a security vulnerability. This vulnerability stemmed from an indirect prompt injection issue in the email channel processing module, which could allow remote...
Exploit for CVE-2026-22812
The open source AI coding agent. !OpenCode Termina...
EUVD-2024-3338
Malicious code in bioql PyPI...
EUVD-2025-21772
Malicious code in bioql PyPI...
EUVD-2025-21771
Malicious code in bioql PyPI...
CVE-2025-53928
MaxKB is an open-source AI assistant for enterprise. Prior to versions 1.10.9-lts and 2.0.0, a Remote Command Execution vulnerability exists in the MCP call. Versions 1.10.9-lts and 2.0.0 fix the issue...
CVE-2025-53928 MaxKB has RCE in MCP call
MaxKB is an open-source AI assistant for enterprise. Prior to versions 1.10.9-lts and 2.0.0, a Remote Command Execution vulnerability exists in the MCP call. Versions 1.10.9-lts and 2.0.0 fix the issue...
CVE-2025-53927 MaxKB sandbox bypass
MaxKB is an open-source AI assistant for enterprise. Prior to version 2.0.0, the sandbox design rules can be bypassed because MaxKB only restricts the execution permissions of files in a specific directory. Therefore, an attacker can use the shutil.copy2 method in Python to copy the command they...
CVE-2025-48950
MaxKB is an open-source AI assistant for enterprise. Prior to version 1.10.8-lts, Sandbox only restricts the execution permissions of binary files in common directories, such as /bin,/usr/bin, etc. Therefore, attackers can exploit some files with execution permissions in non blacklisted directori...
CVE-2025-48950 MaxKB Python Sandbox Bypass in Function Library
MaxKB is an open-source AI assistant for enterprise. Prior to version 1.10.8-lts, Sandbox only restricts the execution permissions of binary files in common directories, such as /bin,/usr/bin, etc. Therefore, attackers can exploit some files with execution permissions in non blacklisted directori...
CVE-2025-48950 MaxKB Python Sandbox Bypass in Function Library
MaxKB is an open-source AI assistant for enterprise. Prior to version 1.10.8-lts, Sandbox only restricts the execution permissions of binary files in common directories, such as /bin,/usr/bin, etc. Therefore, attackers can exploit some files with execution permissions in non blacklisted directori...
Dark Web Pedophiles Using Open-Source AI to Generate CSAM
By Waqas This was revealed by the Internet Watch Foundation, a UK-based internet watchdog. This is a post from HackRead.com Read the original post: Dark Web Pedophiles Using Open-Source AI to Generate CSAM...