CVE-2026-34756

vLLM is an inference and serving engine for large language models LLMs. From 0.1.0 to before 0.19.0, a Denial of Service vulnerability exists in the vLLM OpenAI-compatible API server. Due to the lack of an upper bound validation on the n parameter in the ChatCompletionRequest and CompletionReques...

One Hub 安全漏洞

One Hub is an OpenAI interface management and distribution system for Buer individual developers. A security vulnerability exists in One Hub version 0.14.27 and earlier, which stems from the use of a hard-coded key for the parameter SESSIONSECRET in the docker-compose.yml file, which could lead t...

LiteLLM 授权问题漏洞

LiteLLM is an open source application from Berri AI. All LLM APIs can be called using the OpenAI format. LiteLLM suffers from an authorization issue vulnerability that stems from improper authorization and could lead to elevation of privilege...

HAWKI 跨站脚本漏洞

HAWKI is a university teaching interface based on the OpenAI API by the HAWK Digital Environments team in Germany. HAWKI suffers from a cross-site scripting vulnerability that stems from the application not changing the session token when using the login or logout function, leading to a takeover ...

HAWKI 跨站脚本漏洞

HAWKI is a university teaching interface based on the OpenAI API by the HAWK Digital Environments team in Germany. HAWKI has a security vulnerability that stems from a path traversal vulnerability due to not properly filtering POST parameters. An attacker can exploit the vulnerability to overwrit...