PT-2026-1932

Name of the Vulnerable Software and Affected Versions LibreChat versions prior to 0.8.2-rc2 Description LibreChat, a ChatGPT clone, does not properly control access when uploading files to an agent's file context or during file searches in version 0.8.1-rc2. An authenticated attacker who knows an...

trustee 授权问题漏洞

trustee is a component of Confidential Containers open source. An Authorization Problem vulnerability exists in trustee prior to version 0.8.2, which stems from the fact that an ART Attestation Results Token token generated by the AS may be manipulated by a MITM attacker, but can still be...

Apache Zeppelin 跨站脚本漏洞

Apache Zeppelin is a Web-based open source notebook application from the Apache Foundation that supports interactive data analysis and collaborative documentation. The application supports interactive data analysis and collaborative documentation. versions of Apache Zeppelin prior to 0.8.2 contai...

xkbcommon null pointer dereference vulnerability (CNVD-2019-02669)

xkbcommon is a keyboard key mapping compiler and support library. A null pointer dereference vulnerability exists in the 'ResolveStateAndPredicate' function of the xkbcomp/compat.c file in versions of xkbcommon prior to xkbcommon 0.8.2, which can be exploited by a local attacker to cause the...