Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/05/30 8:13 a.m.17 views

CVE-2026-10044

Usagi-org ai-goofish-monitor contains an unauthenticated arbitrary file read vulnerability in the GET /api/prompts/filename endpoint on Windows deployments that allows unauthenticated remote attackers to read arbitrary files by supplying absolute Windows paths or backslash-based traversal...

8.2CVSS6AI score0.006EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/29 12:38 a.m.13 views

EUVD-2026-33061

Usagi-org ai-goofish-monitor contains an unauthenticated arbitrary file read vulnerability in the GET /api/prompts/filename endpoint on Windows deployments that allows unauthenticated remote attackers to read arbitrary files by supplying absolute Windows paths or backslash-based traversal...

8.2CVSS6AI score0.006EPSS
Exploits0References4
NVD
NVD
added 2026/05/28 10:16 p.m.12 views

CVE-2026-10044

Usagi-org ai-goofish-monitor contains an unauthenticated arbitrary file read vulnerability in the GET /api/prompts/filename endpoint on Windows deployments that allows unauthenticated remote attackers to read arbitrary files by supplying absolute Windows paths or backslash-based traversal...

8.2CVSS0.006EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/28 9:2 p.m.36 views

CVE-2026-10044 ai-goofish-monitor Unauthenticated Arbitrary File Read via GET /api/prompts/

Usagi-org ai-goofish-monitor contains an unauthenticated arbitrary file read vulnerability in the GET /api/prompts/filename endpoint on Windows deployments that allows unauthenticated remote attackers to read arbitrary files by supplying absolute Windows paths or backslash-based traversal...

8.2CVSS0.006EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:2 p.m.8 views

CVE-2026-10044

Usagi-org ai-goofish-monitor contains an unauthenticated arbitrary file read vulnerability in the GET /api/prompts/filename endpoint on Windows deployments that allows unauthenticated remote attackers to read arbitrary files by supplying absolute Windows paths or backslash-based traversal...

6AI score0.006EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/28 9:2 p.m.14 views

CVE-2026-10044 ai-goofish-monitor Unauthenticated Arbitrary File Read via GET /api/prompts/

Usagi-org ai-goofish-monitor contains an unauthenticated arbitrary file read vulnerability in the GET /api/prompts/filename endpoint on Windows deployments that allows unauthenticated remote attackers to read arbitrary files by supplying absolute Windows paths or backslash-based traversal...

8.2CVSS6AI score0.006EPSS
Exploits0References4
CVE
CVE
added 2026/05/28 9:2 p.m.25 views

CVE-2026-10044

Usagi-org ai-goofish-monitor on Windows is affected by an unauthenticated arbitrary file read via GET /api/prompts/{filename}. The vulnerability arises from an incomplete path traversal guard that blocks only forward slashes and '..'; attackers can supply absolute Windows paths or backslash-based...

8.2CVSS6AI score0.006EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.11 views

PT-2026-44540

Name of the Vulnerable Software and Affected Versions ai-goofish-monitor affected versions not specified Description An unauthenticated arbitrary file read issue exists in Windows deployments. Remote attackers can read arbitrary files by supplying absolute Windows paths or backslash-based travers...

8.2CVSS5.9AI score0.006EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.3 views

Lunary 安全漏洞

lunary is lunary open source a production toolkit for LLM . An access control error vulnerability exists in lunary that stems from improper access control on the /prompts/promptid endpoint, and no detailed vulnerability details are provided at this time...

8.8CVSS6.8AI score0.00671EPSS
Exploits1References2
Rows per page
Query Builder