66 matches found
OPENSUSE-SU-2026:10862-1 yq-4.53.2-1.1 on GA media
These are all security issues fixed in the yq-4.53.2-1.1 package on the GA media of openSUSE Tumbleweed...
RHSA-2026:18048 Red Hat Security Advisory: jq security update
Bulletin has no description...
RHSA-2026:18045 Red Hat Security Advisory: jq security update
Bulletin has no description...
jq: stack overflow in module loading on mutual `include`
...
jq: Missing runtime type checks for _strindices lead to crash and limited memory disclosure
...
Exploit for Code Injection in Pgadmin Pgadmin_4
CVE-2025-2945 — pgAdmin 4 Query Tool Authenticated RCE Proof...
GO-2026-4641 WeKnora Vulnerable to Remote Code Execution via SQL Injection Bypass in AI Database Query Tool in github.com/Tencent/WeKnora
WeKnora Vulnerable to Remote Code Execution via SQL Injection Bypass in AI Database Query Tool in github.com/Tencent/WeKnora...
CVE-2026-30859
WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.12, a broken access control vulnerability in the database query tool allows any authenticated tenant to read sensitive data belonging to other tenants, including API keys, mod...
CVE-2026-30860 WeKnora: Remote Code Execution via SQL Injection Bypass in AI Database Query Tool
WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.12, a remote code execution RCE vulnerability exists in the application's database query functionality. The validation system fails to recursively inspect child nodes within...
WeKnora 访问控制错误漏洞
WeKnora is an open-source framework based on LLM developed by Tencent. It features deep document understanding using the RAG paradigm, semantic retrieval, and context-aware answers. Prior to version 0.2.12, WeKnora had an access control vulnerability. This vulnerability stemmed from an access...
CVE-2026-22687 WeKnora vulnerable to SQL Injection
WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.5, after WeKnora enables the Agent service, it allows users to call the database query tool. Due to insufficient backend validation, an attacker can use prompt‑based bypass...
CVE-2026-22687 WeKnora vulnerable to SQL Injection
WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.5, after WeKnora enables the Agent service, it allows users to call the database query tool. Due to insufficient backend validation, an attacker can use prompt‑based bypass...
EUVD-2026-1880
WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.5, after WeKnora enables the Agent service, it allows users to call the database query tool. Due to insufficient backend validation, an attacker can use prompt‑based bypass...
CVE-2025-20381 SPL commands allowlist controls bypass in Splunk MCP Server app through "run_splunk_query" MCP tool
In Splunk MCP Server app versions below 0.2.4, a user with access to the "runsplunkquery" Model Context Protocol MCP tool could bypass the SPL command allowlist controls in MCP by embedding SPL commands as sub-searches, leading to unauthorized actions beyond the intended MCP restrictions...
Splunk MCP Server 安全漏洞
Splunk MCP Server is a multi-cloud platform server from Splunk USA. A security vulnerability exists in Splunk MCP Server versions prior to 0.2.4, which stems from the runsplunkquery tool that can bypass the SPL Command Allow List control, potentially leading to unauthorized operations...
EUVD-2001-1472
Malware in sbrugna...
EUVD-2004-1956
Malware in sbrugna...
Exploit for CVE-2025-2945
pgAdmin4 Query Tool Authenticated RCE PoC Standalone python s...
CVE-2025-56556
An issue was discovered in Subrion CMS 4.2.1, allowing authenticated adminitrators or moderators with access to the built-in Run SQL Query feature under the SQL Tool admin panel - to gain escalated privileges in the context of the SQL query tool...
Subrion CMS: Authenticated administrators are able to gain escalated access through Run SQL Query tool
An issue was discovered in Subrion CMS 4.2.1, allowing authenticated adminitrators or moderators with access to the built-in Run SQL Query feature under the SQL Tool admin panel — to gain escalated privileges in the context of the SQL query tool...