7 matches found

Snyk
added 2026/04/03 10:21 p.m. | 4 views

Server-side Request Forgery (SSRF)

Overview: prompts.chat is a developer toolkit for AI prompts - build, validate, parse, and connect to prompts.chat. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the token parameter in the Fal.ai media status polling flow. An attacker can access sensitive...

CVSS 7.7 | AI score 5.7 | EPSS 0.00034
Exploits: 1 | References: 2

NVD
added 2026/04/03 9:17 p.m. | 3 views

CVE-2026-22661

prompts.chat prior to commit 0f8d4c3 contains a path traversal vulnerability in skill file handling that allows attackers to write arbitrary files to the client system by crafting malicious ZIP archives with unsanitized filenames containing path traversal sequences. Attackers can exploit missing...

CVSS 8.6 | EPSS 0.00115
Exploits: 0 | References: 3

CVE
added 2026/04/03 8:28 p.m. | 4 views

CVE-2026-22665

CVE-2026-22665 affects prompts.chat prior to commit 1464475. The root cause is inconsistent handling of usernames across write and read paths, mixing case-sensitive and case-insensitive comparisons. This identity confusion allows creation of case-variant usernames that bypass uniqueness checks, e...

CVSS 8.6 | AI score 5.9 | EPSS 0.00037
Exploits: 1 | References: 3 | Affected Software: 1

Vulnrichment
added 2026/04/03 8:27 p.m. | 1 views

CVE-2026-22662 prompts.chat Blind SSRF via media-generate

prompts.chat prior to commit 1464475 contains a blind server-side request forgery vulnerability in the Wiro media generator that allows authenticated users to perform server-side fetches of user-controlled inputImageUrl parameters. Attackers can exploit this vulnerability by sending POST requests...

CVSS 5.3 | AI score 6 | EPSS 0.00033
Exploits: 0 | References: 3

Vulnrichment
added 2026/04/03 8:26 p.m. | 2 views

CVE-2026-22661 prompts.chat Path Traversal via Skill File Handling

prompts.chat prior to commit 0f8d4c3 contains a path traversal vulnerability in skill file handling that allows attackers to write arbitrary files to the client system by crafting malicious ZIP archives with unsanitized filenames containing path traversal sequences. Attackers can exploit missing...

CVSS 8.6 | AI score 6 | EPSS 0.00115
Exploits: 0 | References: 3

CNNVD
added 2026/04/03 12:0 a.m. | 3 views

prompts.chat path traversal vulnerability

prompts.chat is an open-source AI prompt library developed by Fatih Kadir Akın. Previous versions of prompts.chat had a path traversal vulnerability; this vulnerability stemmed from path traversal in skill file processing. Attackers could write arbitrary files onto the client system through...

CVSS 8.6 | AI score 6 | EPSS 0.00115
Exploits: 0 | References: 3

CNNVD
added 2026/04/03 12:0 a.m. | 4 views

prompts.chat security vulnerability

prompts.chat is an open-source AI prompt library developed by Fatih Kadir Akın. Version 1464475 of prompts.chat had a security vulnerability; this vulnerability stemmed from inconsistent handling of usernames, which could lead to identity confusion and account impersonation...

CVSS 8.6 | AI score 5.8 | EPSS 0.00037
Exploits: 1 | References: 3