CVE-2026-32949 SQLBot: SSRF to Arbitrary File Read (AFR) via Rogue MySQL

SQLBot is an intelligent data query system based on a large language model and RAG. Versions prior to 1.7.0 contain a Server-Side Request Forgery SSRF vulnerability that allows an attacker to retrieve arbitrary system and application files from the server. An attacker can exploit the...

CVE-2023-3259

The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass. By manipulating the IP address field in the "iBootPduSiteAuth" cookie, a malicious agent can direct the device to connect to a rouge database.Successful exploitation allows the...

CVE-2023-3259

The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass. By manipulating the IP address field in the "iBootPduSiteAuth" cookie, a malicious agent can direct the device to connect to a rouge database.Successful exploitation allows the...

Vulnerabilities fixed in IBM Db2

IBM has fixed vulnerabilities in Db2. A malicious party could vulnerabilities potentially exploit them to cause a denial-of-service cause. To do this, a rogue database query on the database server to be executed. IBM has released updates to fix the vulnerabilities. For more information, see:...