Lucene search
K

6 matches found

CVE
CVE
added 2026/06/24 7:41 p.m.7 views

CVE-2026-47389

Mastodon vulnerability CVE-2026-47389 affects older Ruby runtimes (

8.6CVSS5.9AI score0.00232EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/08 10:11 p.m.9 views

CVE-2026-42345

FastGPT is an AI Agent building platform. In versions 4.14.11 and prior, FastGPT's isInternalAddress function in packages/service/common/system/utils.ts blocks cloud metadata endpoints using a fullUrl.startsWith check against a hardcoded list. This check can be bypassed using at least 7 different...

7.7CVSS5.8AI score0.00213EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/08 10:11 p.m.9 views

EUVD-2026-28855

FastGPT is an AI Agent building platform. In versions 4.14.11 and prior, FastGPT's isInternalAddress function in packages/service/common/system/utils.ts blocks cloud metadata endpoints using a fullUrl.startsWith check against a hardcoded list. This check can be bypassed using at least 7 different...

7.7CVSS5.8AI score0.00213EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/27 12:0 a.m.9 views

LibreChat 代码问题漏洞

LibreChat is an open-source, free, and highly customizable unified AI dialogue platform. It allows for the aggregation and running of large models from any vendor within a single interface. Versions of LibreChat from 0.8.2-rc2 to 0.8.2 contain code vulnerabilities. These vulnerabilities stem from...

7.7CVSS5.9AI score0.00249EPSS
Exploits1References2
OSV
OSV
added 2026/01/08 3:23 p.m.8 views

CVE-2026-22245 Mastodon has SSRF Protection bypass

Mastodon is a free, open-source social network server based on ActivityPub. By nature, Mastodon performs a lot of outbound requests to user-provided domains. Mastodon, however, has some protection mechanism to disallow requests to local IP addresses unless specified in ALLOWEDPRIVATEADDRESSES to...

7.1CVSS6.2AI score0.00247EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/12/10 12:0 a.m.4 views

Markdownify MCP Server 安全漏洞

Markdownify MCP Server is a Model Context Protocol server for converting almost any content to Markdown by Zach Caceres, an individual developer in the United States. A security vulnerability exists in Markdownify MCP Server version 0.0.2 and earlier, which stems from a server-side request forger...

7.5CVSS6.6AI score0.00459EPSS
Exploits1References3
Rows per page
Query Builder