21 matches found
Hermes Agent 安全漏洞
Hermes Agent is an AI agent tool developed by Nous Research, featuring a self-learning mechanism. Versions of Hermes Agent prior to 2026.4.23 contained a security vulnerability. This vulnerability stemmed from unknown function operations on the parameter THREATPATTERNS in the agent/skillsguard.py...
PT-2026-42911
A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.23. Impacted is an unknown function of the file agent/skills guard.py of the component Skills Guard Multi-Word Prompt Handler. The manipulation of the argument THREAT PATTERNS leads to injection. Remote...
CVE-2026-5002
A vulnerability has been found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The impacted element is the function routeusingoverviews of the file backend/server.py of the component LLM Prompt Handler. Such manipulation leads to injection. The attack may be performed fr...
CVE-2026-5002
A vulnerability has been found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The impacted element is the function routeusingoverviews of the file backend/server.py of the component LLM Prompt Handler. Such manipulation leads to injection. The attack may be performed fr...
CVE-2026-5002
A vulnerability has been found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The impacted element is the function routeusingoverviews of the file backend/server.py of the component LLM Prompt Handler. Such manipulation leads to injection. The attack may be performed fr...
CVE-2026-5002
CVE-2026-5002 affects PromtEngineer localGPT (LLM Prompt Handler) with the vulnerable element in backend/server.py, function _route_using_overviews. The issue is described as an injection vulnerability that can be exploited remotely; the exploit has been disclosed publicly. The product uses a rol...
CVE-2026-5002 PromtEngineer localGPT LLM Prompt server.py _route_using_overviews injection
A vulnerability has been found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The impacted element is the function routeusingoverviews of the file backend/server.py of the component LLM Prompt Handler. Such manipulation leads to injection. The attack may be performed fr...
PT-2026-28720
Name of the Vulnerable Software and Affected Versions PromtEngineer localGPT versions up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054 Description A flaw exists within PromtEngineer localGPT that allows for injection. The issue resides in the route using overviews function within the...
CVE-2026-2969
A flaw has been found in datapizza-labs datapizza-ai 0.0.2. Affected is the function ChatPromptTemplate of the file datapizza-ai-core/datapizza/modules/prompt/prompt.py of the component Jinja2 Template Handler. This manipulation of the argument Prompt causes improper neutralization of special...
CVE-2025-11445
A vulnerability was detected in Kilo Code up to 4.86.0. Affected is the function ClineProvider of the file src/core/webview/ClineProvider.ts of the component Prompt Handler. Performing manipulation results in injection. The attack can be initiated remotely. The exploit is now public and may be...
CVE-2025-11445
A vulnerability was detected in Kilo Code up to 4.86.0. Affected is the function ClineProvider of the file src/core/webview/ClineProvider.ts of the component Prompt Handler. Performing manipulation results in injection. The attack can be initiated remotely. The exploit is now public and may be...
CVE-2025-11445
A vulnerability was detected in Kilo Code up to 4.86.0. Affected is the function ClineProvider of the file src/core/webview/ClineProvider.ts of the component Prompt Handler. Performing manipulation results in injection. The attack can be initiated remotely. The exploit is now public and may be...
CVE-2025-11445
Kilo Code up to 4.86.0 is affected by an injection vulnerability in the ClineProvider function of src/core/webview/ClineProvider.ts within the Prompt Handler component. The issue allows remote manipulation and has publicly disclosed exploits; remediation is to apply the patch. The available docum...
CVE-2025-11445 Kilo Code Prompt ClineProvider.ts ClineProvider injection
A vulnerability was detected in Kilo Code up to 4.86.0. Affected is the function ClineProvider of the file src/core/webview/ClineProvider.ts of the component Prompt Handler. Performing manipulation results in injection. The attack can be initiated remotely. The exploit is now public and may be...
CVE-2025-11445 Kilo Code Prompt ClineProvider.ts ClineProvider injection
A vulnerability was detected in Kilo Code up to 4.86.0. Affected is the function ClineProvider of the file src/core/webview/ClineProvider.ts of the component Prompt Handler. Performing manipulation results in injection. The attack can be initiated remotely. The exploit is now public and may be...
PT-2025-41241
Name of the Vulnerable Software and Affected Versions Kilo Code versions prior to 4.86.0 Description A flaw exists in Kilo Code that allows for injection through manipulation of the ClineProvider function within the src/core/webview/ClineProvider.ts file of the Prompt Handler component. This issu...
Kilo Code 安全漏洞
Kilo Code is an AI coding assistant open-sourced by Kilo Code. A security vulnerability exists in Kilo Code 4.86.0 and earlier versions, which stems from improper manipulation of the ClineProvider function in the Prompt Handler component, which could lead to an injection attack...
CVE-2025-2733
A vulnerability classified as critical has been found in mannaandpoem OpenManus up to 2025.3.13. This affects an unknown part of the file app/tool/pythonexecute.py of the component Prompt Handler. The manipulation leads to os command injection. It is possible to initiate the attack remotely. The...
CVE-2025-2733
A vulnerability classified as critical has been found in mannaandpoem OpenManus up to 2025.3.13. This affects an unknown part of the file app/tool/pythonexecute.py of the component Prompt Handler. The manipulation leads to os command injection. It is possible to initiate the attack remotely. The...
The vulnerability of the Permission Prompt Handler component in the Google Chrome browser allows a malicious actor to install a malware and potentially escape from a isolated software environment.
The vulnerability of the Permission Prompt Handler component in the Google Chrome browser is related to improper validation of input data. Exploiting this vulnerability allows a malicious actor to install a malicious application and potentially escape from a isolated software environment using a...