Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

NVD
NVDadded yesterday7 views

CVE-2026-9699

Mattermost Plugins versions =11.6 10.18.11 11.3.6 11.6.5.0 fail to sanitize error responses from the OpenAI API before logging, which allows a user with access to server logs or support packets to obtain a valid or partially reconstructable OpenAI API key via inspection of mattermost.log entries...

6.8CVSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 5 days ago4 views

CVE-2026-48746

vLLM is an inference and serving engine for large language models LLMs. From 0.3.0 until 0.22.0, a vulnerability in ASGI web servers and starlette's trust on those web servers enables an authentication bypass of the OpenAI API AuthenticationMiddleware. It allows to use the API without providing t...

9.1CVSS5.9AI score0.00736EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 5 days ago41 views

CVE-2026-48746 vLLM: OpenAI auth bypass

vLLM is an inference and serving engine for large language models LLMs. From 0.3.0 until 0.22.0, a vulnerability in ASGI web servers and starlette's trust on those web servers enables an authentication bypass of the OpenAI API AuthenticationMiddleware. It allows to use the API without providing t...

9.1CVSS0.00736EPSS
Exploits0References3
NVD
NVDadded 2026/04/06 4:16 p.m.2 views

CVE-2026-34756

vLLM is an inference and serving engine for large language models LLMs. From 0.1.0 to before 0.19.0, a Denial of Service vulnerability exists in the vLLM OpenAI-compatible API server. Due to the lack of an upper bound validation on the n parameter in the ChatCompletionRequest and CompletionReques...

6.5CVSS0.00293EPSS
Exploits0References3
CNNVD
CNNVDadded 2025/12/14 12:0 a.m.5 views

One Hub 安全漏洞

One Hub is an OpenAI interface management and distribution system for Buer individual developers. A security vulnerability exists in One Hub version 0.14.27 and earlier, which stems from the use of a hard-coded key for the parameter SESSIONSECRET in the docker-compose.yml file, which could lead t...

6.3CVSS4.8AI score0.00298EPSS
Exploits0References7
CNNVD
CNNVDadded 2025/03/20 12:0 a.m.2 views

LiteLLM 授权问题漏洞

LiteLLM is an open source application from Berri AI. All LLM APIs can be called using the OpenAI format. LiteLLM suffers from an authorization issue vulnerability that stems from improper authorization and could lead to elevation of privilege...

8.1CVSS7.9AI score0.00315EPSS
Exploits0References2
CNNVD
CNNVDadded 2024/05/29 12:0 a.m.3 views

HAWKI 跨站脚本漏洞

HAWKI is a university teaching interface based on the OpenAI API by the HAWK Digital Environments team in Germany. HAWKI suffers from a cross-site scripting vulnerability that stems from the application not changing the session token when using the login or logout function, leading to a takeover ...

7.3CVSS6.1AI score0.00569EPSS
Exploits1References3
CNNVD
CNNVDadded 2024/05/29 12:0 a.m.1 views

HAWKI 跨站脚本漏洞

HAWKI is a university teaching interface based on the OpenAI API by the HAWK Digital Environments team in Germany. HAWKI has a security vulnerability that stems from a path traversal vulnerability due to not properly filtering POST parameters. An attacker can exploit the vulnerability to overwrit...

6.5CVSS6.7AI score0.00592EPSS
Exploits1References4
Rows per page
Query Builder