Lucene search
K

42 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-46580

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse Theia versions prior to 1.71.0, files matching the pattern .prompts/.prompttemplate in a workspace were automatically loaded and could override or...

8.8CVSS6.1AI score0.00272EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/18 6:35 p.m.11 views

[Eclipse Theia] Indirect Prompt Injection via Auto-Loaded Workspace Prompt Template Files in AI Chat

In Eclipse Theia versions prior to 1.71.0, files matching the pattern .prompts/.prompttemplate in a workspace were automatically loaded and could override or extend the AI agent's system prompts. An attacker could craft a malicious repository containing prompt template files that, when the...

8.8CVSS6AI score0.00272EPSS
Exploits0References6Affected Software6
Snyk
Snyk
added 2026/06/18 6:35 p.m.6 views

Unsafe Dependency Resolution

Overview @theia/ai-code-completion is a Theia - AI Core Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the automatic loading of .prompts/.prompttemplate files in a workspace. An attacker can manipulate the AI agent's system instructions by introducing crafted...

8.8CVSS6.1AI score0.00272EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/18 6:35 p.m.10 views

Unsafe Dependency Resolution

Overview @theia/ai-claude-code is a Theia - Claude Code Integration Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the automatic loading of .prompts/.prompttemplate files in a workspace. An attacker can manipulate the AI agent's system instructions by...

8.8CVSS6.1AI score0.00272EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/18 6:35 p.m.5 views

Unsafe Dependency Resolution

Overview @theia/ai-core is a Theia - AI Core Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the automatic loading of .prompts/.prompttemplate files in a workspace. An attacker can manipulate the AI agent's system instructions by introducing crafted prompt...

8.8CVSS6.1AI score0.00272EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/18 6:35 p.m.7 views

Unsafe Dependency Resolution

Overview @theia/ai-ide is an AI IDE Agents Extension Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the automatic loading of .prompts/.prompttemplate files in a workspace. An attacker can manipulate the AI agent's system instructions by introducing crafted...

8.8CVSS6.1AI score0.00272EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/18 6:35 p.m.8 views

Unsafe Dependency Resolution

Overview @theia/ai-chat-ui is a Theia - AI Chat UI Extension Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the automatic loading of .prompts/.prompttemplate files in a workspace. An attacker can manipulate the AI agent's system instructions by introducing...

8.8CVSS6.1AI score0.00272EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/18 2:26 p.m.9 views

EUVD-2026-37899

In Eclipse Theia versions prior to 1.71.0, files matching the pattern .prompts/.prompttemplate in a workspace were automatically loaded and could override or extend the AI agent's system prompts. An attacker could craft a malicious repository containing prompt template files that, when the...

8.4CVSS5.6AI score0.00272EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.15 views

PT-2026-50691

Name of the Vulnerable Software and Affected Versions Eclipse Theia versions prior to 1.71.0 Description Files matching the pattern .prompts/.prompttemplate in a workspace are automatically loaded, allowing them to override or extend the AI agent's system prompts. This enables indirect prompt...

8.8CVSS6AI score0.00272EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/06/06 12:43 a.m.12 views

CVE-2026-44209

A flaw was found in banks. This vulnerability, known as Server-Side Template Injection SSTI, allows a remote attacker to achieve Remote Code Execution RCE on the host system. This occurs when applications using banks pass user-supplied strings directly as template arguments to the Prompt function...

7.5CVSS6.3AI score0.00539EPSS
Exploits0References5
NVD
NVD
added 2026/05/26 9:16 p.m.13 views

CVE-2026-44209

Banks generates meaningful LLM prompts using a template language that makes sense. Prior to 2.4.2, banks uses jinja2.Environment unsandboxed to render prompt templates. Applications that pass user-supplied strings as the template argument to Prompt are vulnerable to Server-Side Template Injection...

7.5CVSS0.00539EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/26 8:46 p.m.16 views

EUVD-2026-31997

Banks generates meaningful LLM prompts using a template language that makes sense. Prior to 2.4.2, banks uses jinja2.Environment unsandboxed to render prompt templates. Applications that pass user-supplied strings as the template argument to Prompt are vulnerable to Server-Side Template Injection...

7.5CVSS5.9AI score0.00539EPSS
Exploits0References2
CVE
CVE
added 2026/05/26 8:46 p.m.27 views

CVE-2026-44209

Banks prompt templating (banks) is vulnerable prior to version 2.4.2 due to an unsandboxed jinja2.Environment() when rendering prompt templates. If applications pass user-supplied strings as the template argument to Prompt(), this SSTI can lead to Remote Code Execution on the host. The issue is f...

7.5CVSS5.9AI score0.00539EPSS
Exploits0References5
Veracode
Veracode
added 2026/05/09 5:40 a.m.12 views

Remote Code Execution (RCE)

LiteLLM is vulnerable to Remote Code Execution RCE. The vulnerability is due to unsafe rendering of user-supplied prompt templates in the POST /prompts/test endpoint without sandboxing, allowing authenticated users to execute arbitrary code within the LiteLLM Proxy process and potentially access...

8.8CVSS6.2AI score0.00373EPSS
Exploits1References7Affected Software1
OSV
OSV
added 2026/05/08 8:36 p.m.10 views

GHSA-GPHH-9Q3H-JGPP banks has Critical Remote Code Execution (RCE) via Jinja2 SSTI

Summary banks = 2.4.1 uses jinja2.Environment unsandboxed to render prompt templates. Applications that pass user-supplied strings as the template argument to Prompt are vulnerable to Server-Side Template Injection SSTI, which can lead to Remote Code Execution RCE on the host system. This is a...

7.5CVSS6AI score0.00539EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/08 3:36 a.m.7 views

CVE-2026-42203

LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. From version 1.80.5 to before version 1.83.7, the POST /prompts/test endpoint accepted user-supplied prompt templates and rendered them without sandboxing. A crafted template could run arbitrary code inside the...

8.6CVSS6AI score0.00373EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.15 views

PT-2026-39237

Name of the Vulnerable Software and Affected Versions banks versions prior to 2.4.2 Description Server-Side Template Injection SSTI occurs when applications pass user-supplied strings directly as template arguments to the Prompt function. This happens because the software uses jinja2.Environment ...

7.5CVSS6.1AI score0.00539EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2026/04/09 7:34 p.m.6 views

CVE-2026-40087 LangChain has incomplete f-string validation in prompt templates

LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.84 and 1.2.28, LangChain's f-string prompt-template validation was incomplete in two respects. First, some prompt template classes accepted f-string templates and formatted them without enforcing the same...

5.3CVSS5.8AI score0.00262EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/04/09 7:34 p.m.3 views

CVE-2026-40087

LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.84 and 1.2.28, LangChain's f-string prompt-template validation was incomplete in two respects. First, some prompt template classes accepted f-string templates and formatted them without enforcing the same...

5.3CVSS5.9AI score0.00262EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/04/09 7:34 p.m.22 views

CVE-2026-40087

LangChain CVE-2026-40087 affects the f-string prompt-template validation prior to versions 0.3.84 and 1.2.28. The vulnerability arises because DictPromptTemplate and ImagePromptTemplate could accept templates containing attribute access or indexing expressions and evaluate them during formatting,...

5.3CVSS5.9AI score0.00262EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder