54 matches found

Positive Technologies
added 2026/03/14 12:0 a.m. | 2 views

PT-2026-25507

I found an SSRF vulnerability bypass via DNS rebinding in simstudioai/sim, a project with 25k+ stars on GitHub, CVE-2025-69660. Full write-up: https://t.co/eU3wf4d4Rd security websecurity appsec cve bugbounty...

5.8 AI score
Exploits: 0 | References: 3

RedhatCVE
added 2025/12/27 4:33 a.m. | 1 view

CVE-2025-15099

A vulnerability was identified in simstudioai sim up to 0.5.27. This vulnerability affects unknown code of the file apps/sim/lib/auth/internal.ts of the component CRON Secret Handler. The manipulation of the argument INTERNAL_API_SECRET leads to improper authentication. It is possible to initiate t...

9.8 CVSS | 7.5 AI score | 0.00047 EPSS
Exploits: 1 | References: 1

NVD
added 2025/12/26 4:15 a.m. | 1 view

CVE-2025-15099

A vulnerability was identified in simstudioai sim up to 0.5.27. This vulnerability affects unknown code of the file apps/sim/lib/auth/internal.ts of the component CRON Secret Handler. The manipulation of the argument INTERNAL_API_SECRET leads to improper authentication. It is possible to initiate t...

9.8 CVSS | 0.00047 EPSS
Exploits: 1 | References: 7

OSV
added 2025/12/26 4:15 a.m. | 1 view

CVE-2025-15099

A vulnerability was identified in simstudioai sim up to 0.5.27. This vulnerability affects unknown code of the file apps/sim/lib/auth/internal.ts of the component CRON Secret Handler. The manipulation of the argument INTERNAL_API_SECRET leads to improper authentication. It is possible to initiate t...

9.8 CVSS | 7.5 AI score
Exploits: 0 | References: 7

Vulnrichment
added 2025/12/26 4:2 a.m. | 2 views

CVE-2025-15099 simstudioai sim CRON Secret internal.ts improper authentication

A vulnerability was identified in simstudioai sim up to 0.5.27. This vulnerability affects unknown code of the file apps/sim/lib/auth/internal.ts of the component CRON Secret Handler. The manipulation of the argument INTERNAL_API_SECRET leads to improper authentication. It is possible to initiate t...

7.5 CVSS | 7 AI score | 0.00047 EPSS
Exploits: 1 | References: 7

CVE
added 2025/12/26 4:2 a.m. | 8 views

CVE-2025-15099

CVE-2025-15099 affects simstudioai sim up to version 0.5.27, specifically the CRON Secret Handler’s file apps/sim/lib/auth/internal.ts. The vulnerability arises from manipulation of the INTERNAL_API_SECRET parameter, enabling improper authentication. It is exploitable remotely, and publicly avail...

9.8 CVSS | 7 AI score | 0.00047 EPSS
Exploits: 1 | References: 7 | Affected Software: 1

Cvelist
added 2025/12/26 4:2 a.m. | 25 views

CVE-2025-15099 simstudioai sim CRON Secret internal.ts improper authentication

A vulnerability was identified in simstudioai sim up to 0.5.27. This vulnerability affects unknown code of the file apps/sim/lib/auth/internal.ts of the component CRON Secret Handler. The manipulation of the argument INTERNAL_API_SECRET leads to improper authentication. It is possible to initiate t...

7.5 CVSS | 0.00047 EPSS
Exploits: 1 | References: 7

Positive Technologies
added 2025/12/26 12:0 a.m. | 1 view

PT-2025-53443

Name of the Vulnerable Software and Affected Versions: simstudioai sim versions prior to 0.5.27. Description: A flaw exists in simstudioai sim up to version 0.5.27 related to improper authentication. The issue resides within the CRON Secret Handler component, specifically in the file...

9.8 CVSS | 6.7 AI score | 0.00047 EPSS
Exploits: 1 | References: 14

EUVD
added 2025/11/14 9:30 p.m. | 4 views

EUVD-2025-26365

A weakness has been identified in SimStudioAI sim up to ed9b9ad83f1a7c61f4392787fb51837d34eeb0af. Affected by this issue is the function Import of the file apps/sim/app/api/files/upload/route.ts of the component HTML File Parser. Executing manipulation of the argument File can lead to unrestricte...

6.5 CVSS | 6.1 AI score | 0.00091 EPSS
Exploits: 1 | References: 8

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2025-20195

Malicious code in bioql PyPI...

7.5 CVSS | 7.5 AI score | 0.00714 EPSS
Exploits: 1 | References: 4

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2025-27148

Malicious code in bioql PyPI...

6.5 CVSS | 6.6 AI score | 0.00095 EPSS
Exploits: 1 | References: 6

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2025-27267

Malicious code in bioql PyPI...

9.8 CVSS | 6.5 AI score | 0.00085 EPSS
Exploits: 1 | References: 7

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2025-20175

Malicious code in bioql PyPI...

7.5 CVSS | 5.5 AI score | 0.00764 EPSS
Exploits: 1 | References: 7

RedhatCVE
added 2025/09/10 5:26 p.m. | 3 views

CVE-2025-10097

A vulnerability was identified in SimStudioAI sim up to 1.0.0. This impacts an unknown function of the file apps/sim/app/api/function/execute/route.ts. The manipulation of the argument code leads to code injection. The attack is possible to be carried out remotely...

9.8 CVSS | 7 AI score | 0.00085 EPSS
Exploits: 1 | References: 1

RedhatCVE
added 2025/09/10 4:29 p.m. | 7 views

CVE-2025-10096

A vulnerability was determined in SimStudioAI sim up to 1.0.0. This affects an unknown function of the file apps/sim/app/api/files/parse/route.ts. Executing manipulation of the argument filePath can lead to server-side request forgery. The attack can be executed remotely. The exploit has been...

6.5 CVSS | 6.6 AI score | 0.00095 EPSS
Exploits: 1 | References: 1

OSV
added 2025/09/08 6:31 p.m. | 1 view

GHSA-G4C9-F287-64XG SimStudioAI: A function in route.ts is vulnerable to Code Injection

A vulnerability was identified in SimStudioAI sim. This impacts an unknown function of the file apps/sim/app/api/function/execute/route.ts. The manipulation of the argument code leads to code injection. The attack is possible to be carried out remotely...

6.3 CVSS | 7.1 AI score | 0.00085 EPSS
Exploits: 1 | References: 8

Github Security Blog
added 2025/09/08 6:31 p.m. | 5 views

SimStudioAI: A function in route.ts is vulnerable to Code Injection

A vulnerability was identified in SimStudioAI sim. This impacts an unknown function of the file apps/sim/app/api/function/execute/route.ts. The manipulation of the argument code leads to code injection. The attack is possible to be carried out remotely...

9.8 CVSS | 7.1 AI score | 0.00085 EPSS
Exploits: 1 | References: 8 | Affected Software: 1

OSV
added 2025/09/08 5:15 p.m. | 1 view

CVE-2025-10097

A vulnerability was identified in SimStudioAI sim up to 1.0.0. This impacts an unknown function of the file apps/sim/app/api/function/execute/route.ts. The manipulation of the argument code leads to code injection. The attack is possible to be carried out remotely...

9.8 CVSS | 7.1 AI score
Exploits: 0 | References: 5

NVD
added 2025/09/08 5:15 p.m. | 2 views

CVE-2025-10097

A vulnerability was identified in SimStudioAI sim up to 1.0.0. This impacts an unknown function of the file apps/sim/app/api/function/execute/route.ts. The manipulation of the argument code leads to code injection. The attack is possible to be carried out remotely...

9.8 CVSS | 0.00085 EPSS
Exploits: 1 | References: 5

Cvelist
added 2025/09/08 4:32 p.m. | 7 views

CVE-2025-10097 SimStudioAI sim route.ts code injection

A vulnerability was identified in SimStudioAI sim up to 1.0.0. This impacts an unknown function of the file apps/sim/app/api/function/execute/route.ts. The manipulation of the argument code leads to code injection. The attack is possible to be carried out remotely...

6.5 CVSS | 0.00085 EPSS
Exploits: 1 | References: 5