Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/03/09 8:2 a.m.5 views

CVE-2026-30857

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.3.0, a cross-tenant authorization bypass in the knowledge base copy endpoint allows any authenticated user to clone duplicate another tenant’s knowledge base into their own tena...

5.3CVSS5.7AI score0.00222EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/07 4:34 p.m.4 views

CVE-2026-30858

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.3.0, a DNS rebinding vulnerability in the webfetch tool allows an unauthenticated attacker to bypass URL validation and access internal resources on the server, including privat...

6.5CVSS5.7AI score0.00355EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/07 4:33 p.m.3 views

CVE-2026-30857

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.3.0, a cross-tenant authorization bypass in the knowledge base copy endpoint allows any authenticated user to clone duplicate another tenant’s knowledge base into their own tena...

5.3CVSS5.7AI score0.00222EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2025/10/22 7:29 p.m.28 views

CVE-2025-62611

Summary: CVE-2025-62611 affects the aiomysql Python library used to access MySQL from asyncio. Prior to version 0.3.0, client-side settings are not validated before sending local files to the server, enabling a rogue MySQL server to request arbitrary client files via a LOAD_LOCAL packet. This vul...

8.2CVSS6.3AI score0.00354EPSS
Exploits0References3
Rows per page
Query Builder