6 matches found
CVE-2026-47389
Mastodon vulnerability CVE-2026-47389 affects older Ruby runtimes (
CVE-2026-42345
FastGPT is an AI Agent building platform. In versions 4.14.11 and prior, FastGPT's isInternalAddress function in packages/service/common/system/utils.ts blocks cloud metadata endpoints using a fullUrl.startsWith check against a hardcoded list. This check can be bypassed using at least 7 different...
EUVD-2026-28855
FastGPT is an AI Agent building platform. In versions 4.14.11 and prior, FastGPT's isInternalAddress function in packages/service/common/system/utils.ts blocks cloud metadata endpoints using a fullUrl.startsWith check against a hardcoded list. This check can be bypassed using at least 7 different...
LibreChat 代码问题漏洞
LibreChat is an open-source, free, and highly customizable unified AI dialogue platform. It allows for the aggregation and running of large models from any vendor within a single interface. Versions of LibreChat from 0.8.2-rc2 to 0.8.2 contain code vulnerabilities. These vulnerabilities stem from...
CVE-2026-22245 Mastodon has SSRF Protection bypass
Mastodon is a free, open-source social network server based on ActivityPub. By nature, Mastodon performs a lot of outbound requests to user-provided domains. Mastodon, however, has some protection mechanism to disallow requests to local IP addresses unless specified in ALLOWEDPRIVATEADDRESSES to...
Markdownify MCP Server 安全漏洞
Markdownify MCP Server is a Model Context Protocol server for converting almost any content to Markdown by Zach Caceres, an individual developer in the United States. A security vulnerability exists in Markdownify MCP Server version 0.0.2 and earlier, which stems from a server-side request forger...