Lucene search
+L

115 matches found

nvd
nvd
added 2026/06/24 6:17 p.m.11 views

CVE-2026-55611

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. From 1.11.1 until 1.14.1, userId/workspaceId scoping to the parsed-files read/delete paths was added. However, the POST /api/workspace/:slug/embed-parsed-file/:fileId flow...

0.00236EPSS
Exploits0References3
euvd
euvd
added 2026/06/24 5:17 p.m.8 views

EUVD-2026-39009

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. From 1.11.1 until 1.14.1, userId/workspaceId scoping to the parsed-files read/delete paths was added. However, the POST /api/workspace/:slug/embed-parsed-file/:fileId flow...

5.9AI score0.00236EPSS
Exploits0References3
osv
osv
added 2026/06/24 5:17 p.m.2 views

CVE-2026-55611 AnythingLLM: embed-parsed-file cleanup deletes any parsed file by ID without ownership scoping (cross-tenant IDOR deletion)

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. From 1.11.1 until 1.14.1, userId/workspaceId scoping to the parsed-files read/delete paths was added. However, the POST /api/workspace/:slug/embed-parsed-file/:fileId flow...

6AI score0.00236EPSS
Exploits0References5
cvelist
cvelist
added 2026/06/24 5:17 p.m.36 views

CVE-2026-55611 AnythingLLM: embed-parsed-file cleanup deletes any parsed file by ID without ownership scoping (cross-tenant IDOR deletion)

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. From 1.11.1 until 1.14.1, userId/workspaceId scoping to the parsed-files read/delete paths was added. However, the POST /api/workspace/:slug/embed-parsed-file/:fileId flow...

0.00236EPSS
Exploits0References3
cve
cve
added 2026/06/24 5:17 p.m.13 views

CVE-2026-55611

CVE-2026-55611 affects AnythingLLM. The vulnerability allows cross-tenant IDOR deletion of parsed-files via the endpoint POST /api/workspace/:slug/embed-parsed-file/:fileId. From 1.11.1 to 1.14.1, ownership-scoped access was added for parsed-files reads/deletes, but the delete path still removes ...

5.9AI score0.00236EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/24 12:0 a.m.7 views

PT-2026-52036

Name of the Vulnerable Software and Affected Versions AnythingLLM versions 1.11.1 through 1.14.0 Description An issue exists where the application fails to perform ownership checks when deleting parsed files. Specifically, the 'POST /api/workspace/:slug/embed-parsed-file/:fileId' endpoint deletes...

5.8AI score0.00236EPSS
Exploits0References7
osv
osv
added 2026/06/22 4:16 p.m.2 views

CVE-2026-54271 protobufjs-cli: Code injection in pbjs static output from crafted JSON descriptor names

protobufjs-cli is the command line add-on for protobuf.js. Prior to 1.3.2 and 2.5.0, a previous fix for unsafe name handling in pbjs static / static-module code generation was incomplete. Affected versions of protobufjs-cli could still emit unsafe JavaScript references when generating static outp...

8.2CVSS6AI score0.00228EPSS
Exploits0References3
github
github
added 2026/06/15 8:13 p.m.12 views

protobufjs-cli: Code injection in pbjs static output from crafted JSON descriptor names

Summary A previous fix for unsafe name handling in pbjs static / static-module code generation was incomplete. Affected versions of protobufjs-cli could still emit unsafe JavaScript references when generating static output from crafted JSON descriptor input. The common case of parsing schemas fro...

8.2CVSS5.9AI score0.00228EPSS
Exploits0References3Affected Software1
ptsecurity
ptsecurity
added 2026/06/15 12:0 a.m.19 views

PT-2026-49586

Name of the Vulnerable Software and Affected Versions protobufjs-cli versions prior to 1.3.2 protobufjs-cli versions prior to 2.5.0 Description An incomplete fix for unsafe name handling in pbjs static and static-module code generation allows the emission of unsafe JavaScript references when...

8.2CVSS5.9AI score0.00228EPSS
Exploits0References6
redhatcve
redhatcve
added 2026/06/05 7:46 p.m.9 views

CVE-2026-42502

A flaw was found in golang.org/x/net/html. This vulnerability allows an attacker to manipulate how HTML is processed and displayed. By providing specially crafted HTML, an attacker can cause an unexpected structure in the rendered output. This can lead to Cross-Site Scripting XSS attacks, where...

6.1CVSS6AI score0.00178EPSS
Exploits0References7
redhatcve
redhatcve
added 2026/04/03 11:1 p.m.7 views

CVE-2026-34825

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.30, NocoBase plugin-workflow-sql substitutes template variables directly into raw SQL strings via getParsedValue without parameterization or escaping. Any user who...

8.5CVSS6AI score0.00406EPSS
Exploits1References1
github
github
added 2026/04/02 8:31 p.m.8 views

Rack's improper unfolding of folded multipart headers preserves CRLF in parsed parameter values

Summary Rack::Multipart::Parser unfolds folded multipart part headers incorrectly. When a multipart header contains an obs-fold sequence, Rack preserves the embedded CRLF in parsed parameter values such as filename or name instead of removing the folded line break during unfolding. As a result,...

6.5CVSS5.8AI score0.00227EPSS
Exploits0References4Affected Software1
osv
osv
added 2026/04/02 8:31 p.m.6 views

GHSA-RX22-G9MX-QRHV Rack's improper unfolding of folded multipart headers preserves CRLF in parsed parameter values

Summary Rack::Multipart::Parser unfolds folded multipart part headers incorrectly. When a multipart header contains an obs-fold sequence, Rack preserves the embedded CRLF in parsed parameter values such as filename or name instead of removing the folded line break during unfolding. As a result,...

4.8CVSS5.9AI score0.00227EPSS
Exploits0References4
cnnvd
cnnvd
added 2026/04/02 12:0 a.m.8 views

Nocobase SQL注入漏洞

Nocobase is an open-source low-code platform developed by NocoBase. Versions of NocoBase prior to 2.0.30 contained a SQL injection vulnerability. This vulnerability stemmed from the getParsedValue function, which directly substituted template variables into the original SQL string without...

8.5CVSS6AI score0.00406EPSS
Exploits1References3
rubygems
rubygems
added 2026/04/02 12:0 a.m.19 views

Rack's improper unfolding of folded multipart headers preserves CRLF in parsed parameter values

Summary Rack::Multipart::Parser unfolds folded multipart part headers incorrectly. When a multipart header contains an obs-fold sequence, Rack preserves the embedded CRLF in parsed parameter values such as filename or name instead of removing the folded line break during unfolding. As a result,...

6.5CVSS5.8AI score0.00227EPSS
Exploits0References1Affected Software1
nvd
nvd
added 2026/03/27 9:17 p.m.7 views

CVE-2026-33937

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, Handlebars.compile accepts a pre-parsed AST object in addition to a template string. The value field of a NumberLiteral AST node is emitted directly into the generated JavaScript withou...

9.8CVSS0.0178EPSS
Exploits2References8
cve
cve
added 2026/03/27 9:3 p.m.261 views

CVE-2026-33937

CVE-2026-33937 affects Handlebars.js prior to 4.7.9, where Handlebars.compile() accepts a pre-parsed AST; the NumberLiteral.value is emitted into generated JS without quoting, enabling remote code execution if a crafted AST is supplied. Versions 4.0.0–4.7.8 are vulnerable; 4.7.9 fixes the issue. ...

9.8CVSS6.2AI score0.0178EPSS
Exploits2References8Affected Software1
osv
osv
added 2026/03/24 12:8 a.m.5 views

OSV-2026-449 Use-of-uninitialized-value in pcpp::SomeIpSdEntry::SomeIpSdEntry

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=495096701 Crash type: Use-of-uninitialized-value Crash state: pcpp::SomeIpSdEntry::SomeIpSdEntry pcpp::SomeIpSdLayer::getEntries readParsedPacket...

5.8AI score
Exploits0References1
cvelist
cvelist
added 2026/03/02 6:42 p.m.38 views

CVE-2026-0020

In parsePermissionGroup of ParsedPermissionUtils.java, there is a possible way to bypass a consent dialog to obtain permissions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

0.00098EPSS
Exploits0References1
redhat
redhat
added 2026/02/24 4:27 p.m.4 views

python: protobuf: Protobuf: Denial of Service due to recursion depth bypass

A flaw was found in protobuf. A remote attacker can exploit this denial-of-service DoS vulnerability by supplying deeply nested google.protobuf.Any messages to the google.protobuf.jsonformat.ParseDict function. This bypasses the intended recursion depth limit, leading to the exhaustion of Python’...

8.2CVSS5.8AI score0.00613EPSS
Exploits0References5
Rows per page
Query Builder