Lucene search
K

5 matches found

NVD
NVD
added 2026/03/31 3:15 a.m.3 views

CVE-2026-34070

LangChain is a framework for building agents and LLM-powered applications. Prior to version 1.2.22, multiple functions in langchaincore.prompts.loading read files from paths embedded in deserialized config dicts without validating against directory traversal or absolute path injection. When an...

7.5CVSS0.01176EPSS
Exploits2References7
Cvelist
Cvelist
added 2026/03/31 2:1 a.m.27 views

CVE-2026-34070 LangChain Core has Path Traversal vulnerabilites in legacy `load_prompt` functions

LangChain is a framework for building agents and LLM-powered applications. Prior to version 1.2.22, multiple functions in langchaincore.prompts.loading read files from paths embedded in deserialized config dicts without validating against directory traversal or absolute path injection. When an...

7.5CVSS0.01176EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.5 views

PT-2026-28599

Name of the Vulnerable Software and Affected Versions LangChain versions prior to 1.2.22 Description Multiple functions within langchain core.prompts.loading read files from paths embedded in deserialized configuration dictionaries without validating against absolute path injection or directory...

7.5CVSS5.8AI score0.01176EPSS
Exploits2References24
IBM Security Bulletins
IBM Security Bulletins
added 2020/03/24 5:50 p.m.16 views

Security Bulletin: A security vulnerability has been identified in Tivoli Netcool/OMNIbus WebGUI shipped with IBM Operations Analytics Predictive Insights (CVE-2020-4196)

Summary Tivoli Netcool/OMNIbus WebGUI is shipped as a component of IBM Operations Analytics Predictive Insights. Information about a security vulnerability affecting Tivoli Netcool/OMNIbus WebGUI has been published in a security bulletin. Vulnerability Details Refer to the security bulletinss...

5.4CVSS1.7AI score0.00561EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/03/02 10:42 p.m.11 views

Security Bulletin: Cross-Site Scripting (XSS) vulnerability have been identified on Tool Prompt Configuration page of Tivoli Netcool/OMNIbus WebGUI (CVE-2020-4196)

Summary Fix is available for vulnerability in Cross-Site Scripting XSS affecting Tivoli Netcool/OMNIbus WebGUI Tool Prompt Configuration page CVE-2020-4196. Vulnerability Details CVEID: CVE-2020-4196 DESCRIPTION: IBM Tivoli Netcool/OMNIbusGUI is vulnerable to cross-site scripting. This...

5.4CVSS0.2AI score0.00561EPSS
Exploits0Affected Software1
Rows per page
Query Builder