Lucene search
K

5 matches found

EUVD
EUVD
added 2026/04/03 9:31 p.m.4 views

EUVD-2026-18821

prompts.chat prior to commit 0f8d4c3 contains a path traversal vulnerability in skill file handling that allows attackers to write arbitrary files to the client system by crafting malicious ZIP archives with unsanitized filenames containing path traversal sequences. Attackers can exploit missing...

8.6CVSS6.2AI score0.00363EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/03 8:26 p.m.3 views

CVE-2026-22661 prompts.chat Path Traversal via Skill File Handling

prompts.chat prior to commit 0f8d4c3 contains a path traversal vulnerability in skill file handling that allows attackers to write arbitrary files to the client system by crafting malicious ZIP archives with unsanitized filenames containing path traversal sequences. Attackers can exploit missing...

8.6CVSS6AI score0.00363EPSS
Exploits0References3
CVE
CVE
added 2026/04/03 8:26 p.m.9 views

CVE-2026-22661

Prompts.chat is affected by a path-traversal vulnerability in skill file handling prior to commit 0f8d4c3. Attackers can craft ZIP archives with unsanitized filenames that include ../ path sequences, bypassing server-side filename validation, causing extraction to write files outside the intended...

8.6CVSS5.6AI score0.00363EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/04/03 8:26 p.m.19 views

CVE-2026-22661 prompts.chat Path Traversal via Skill File Handling

prompts.chat prior to commit 0f8d4c3 contains a path traversal vulnerability in skill file handling that allows attackers to write arbitrary files to the client system by crafting malicious ZIP archives with unsanitized filenames containing path traversal sequences. Attackers can exploit missing...

8.6CVSS0.00363EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.3 views

PT-2026-30225

prompts.chat prior to commit 0f8d4c3 contains a path traversal vulnerability in skill file handling that allows attackers to write arbitrary files to the client system by crafting malicious ZIP archives with unsanitized filenames containing path traversal sequences. Attackers can exploit missing...

8.6CVSS6.2AI score0.00363EPSS
Exploits0References5
Rows per page
Query Builder