Lucene search
+L

45 matches found

nuclei
nuclei
added yesterday19 views

PraisonAI AgentOS - Information Disclosure

PraisonAI's AgentOS FastAPI application server exposes an unauthenticated GET /api/agents endpoint that lists every registered agent's name, role and the opening of its instructions system prompt. No authentication is enforced on the route, allowing a remote attacker to enumerate agent...

7.3CVSS7.1AI score0.26799EPSS
Exploits4
euvd
euvd
added 2 days ago4 views

EUVD-2026-43548

9Router through version 0.4.41 contain an unauthenticated information disclosure vulnerability that allows remote attackers to access sensitive user data by sending requests to unprotected API endpoints. Attackers can enumerate paginated request logs and retrieve complete AI conversation historie...

8.7CVSS6.1AI score0.00371EPSS
Exploits0References3
cvelist
cvelist
added 3 days ago36 views

CVE-2026-62328 9Router 0.4.41 - Unauthenticated Information Disclosure via API Usage Endpoints

9Router through version 0.4.41 contain an unauthenticated information disclosure vulnerability that allows remote attackers to access sensitive user data by sending requests to unprotected API endpoints. Attackers can enumerate paginated request logs and retrieve complete AI conversation historie...

8.7CVSS0.00371EPSS
Exploits0References2
euvd
euvd
added 2026/06/22 9:4 p.m.8 views

EUVD-2026-38367

Flowise before 3.1.2 contains an information disclosure vulnerability in the /api/v1/chatflows/apikey/:apikey endpoint. When the keyonly query parameter is omitted the default, the endpoint returns not only the chatflows bound to the supplied API key but also all chatflows across every workspace...

7.7CVSS5.9AI score0.00281EPSS
Exploits1References2
cvelist
cvelist
added 2026/06/22 9:4 p.m.29 views

CVE-2026-56268 Flowise - Cross-Workspace Information Disclosure via chatflows/apikey Endpoint

Flowise before 3.1.2 contains an information disclosure vulnerability in the /api/v1/chatflows/apikey/:apikey endpoint. When the keyonly query parameter is omitted the default, the endpoint returns not only the chatflows bound to the supplied API key but also all chatflows across every workspace...

7.7CVSS0.00281EPSS
Exploits1References2
nvd
nvd
added 2026/06/18 11:16 p.m.17 views

CVE-2026-56077

PraisonAI before 1.5.115 contains an information disclosure vulnerability in the MultiAgentLedger component that allows attackers to access sensitive data by registering agents with duplicate IDs. Attackers can exploit the lack of agent ID uniqueness enforcement to share ledger instances and expo...

7.1CVSS0.00256EPSS
Exploits0References3
nvd
nvd
added 2026/06/18 4:16 p.m.14 views

CVE-2026-46580

In Eclipse Theia versions prior to 1.71.0, files matching the pattern .prompts/.prompttemplate in a workspace were automatically loaded and could override or extend the AI agent's system prompts. An attacker could craft a malicious repository containing prompt template files that, when the...

8.8CVSS0.00272EPSS
Exploits0References1
euvd
euvd
added 2026/06/18 2:26 p.m.10 views

EUVD-2026-37899

In Eclipse Theia versions prior to 1.71.0, files matching the pattern .prompts/.prompttemplate in a workspace were automatically loaded and could override or extend the AI agent's system prompts. An attacker could craft a malicious repository containing prompt template files that, when the...

8.4CVSS5.6AI score0.00272EPSS
Exploits0References1
cve
cve
added 2026/06/18 2:26 p.m.26 views

CVE-2026-46580

Theia before v1.71.0 loads files matching .prompts/*.prompttemplate from a workspace, allowing attacker-controlled content to override the AI agent’s system prompts (indirect prompt injection). This enables attack chains with untrusted workspaces, potentially causing data exfiltration via Markdow...

8.8CVSS5.7AI score0.00272EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2026/06/18 12:0 a.m.19 views

PT-2026-50691

Name of the Vulnerable Software and Affected Versions Eclipse Theia versions prior to 1.71.0 Description Files matching the pattern .prompts/.prompttemplate in a workspace are automatically loaded, allowing them to override or extend the AI agent's system prompts. This enables indirect prompt...

8.8CVSS6AI score0.00272EPSS
Exploits0References10
ptsecurity
ptsecurity
added 2026/06/18 12:0 a.m.16 views

PT-2026-50808

Name of the Vulnerable Software and Affected Versions PraisonAI versions prior to 1.5.115 Description An information disclosure issue exists in the MultiAgentLedger component. The system fails to enforce the uniqueness of agent IDs, allowing attackers to register agents with duplicate IDs. This...

7.1CVSS5.9AI score0.00256EPSS
Exploits0References9
packetstormnews
packetstormnews
added 2026/06/02 12:0 a.m.14 views

Domain-Conditioned Safety in Frontier Computer-Using Agents: A 793-Episode Browser Benchmark, a Coding-Domain Cross-Reference, and a Reproducibility Audit of Recent Red-Teaming

Recent computer-using-agent CUA red-teaming papers report prompt-injection attack success rates ASR of 42-98%, but these headline numbers cluster on retired models and on the most-vulnerable model in each paper's panel. We ask whether those techniques, reproduced as hand-crafted templates, still...

5.5AI score
Exploits0
redhatcve
redhatcve
added 2026/05/19 1:58 a.m.13 views

CVE-2026-45351

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.9, when a regular user non-admin logs into the application, a http://IP:8080/api/models? web request is initiated by the application and in response, it reveals the system prompt of...

6.5CVSS5.8AI score0.00281EPSS
Exploits1References1
cvelist
cvelist
added 2026/05/15 9:9 p.m.49 views

CVE-2026-45351 Open WebUI: Exposure of System Prompt to Regular User [Non-Admin]

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.9, when a regular user non-admin logs into the application, a http://IP:8080/api/models? web request is initiated by the application and in response, it reveals the system prompt of...

6.5CVSS0.00281EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2026/05/15 9:9 p.m.8 views

CVE-2026-45351 Open WebUI: Exposure of System Prompt to Regular User [Non-Admin]

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.9, when a regular user non-admin logs into the application, a http://IP:8080/api/models? web request is initiated by the application and in response, it reveals the system prompt of...

6.5CVSS5.8AI score0.00281EPSS
Exploits1References1
cve
cve
added 2026/05/15 9:9 p.m.24 views

CVE-2026-45351

Open WebUI vulnerability CVE-2026-45351: A non-admin user could trigger a request to /api/models? and receive the system prompt of available models, revealing admin-set backend prompts and compromising confidentiality. This affects Open WebUI self-hosted offline AI platform versions prior to 0.8....

6.5CVSS5.8AI score0.00281EPSS
Exploits1References1Affected Software1
osv
osv
added 2026/05/15 9:9 p.m.6 views

CVE-2026-45351 Open WebUI: Exposure of System Prompt to Regular User [Non-Admin]

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.9, when a regular user non-admin logs into the application, a http://IP:8080/api/models? web request is initiated by the application and in response, it reveals the system prompt of...

6.5CVSS6AI score0.00281EPSS
Exploits1References3
osv
osv
added 2026/05/15 8:32 p.m.5 views

CVE-2026-45387 Open WebUI: Sharing models for others to use (read permission) also exposes model details (system prompt leakage)

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, when setting model permissions so that a group has read access to it, intending for other users to use it, those users also can read the model's system prompt. However users may...

4.3CVSS5.9AI score0.0022EPSS
Exploits1References3
cnnvd
cnnvd
added 2026/05/15 12:0 a.m.15 views

Open WebUI 信息泄露漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.8.9 contained a vulnerability related to information leakage. This vulnerability occurred when non-administrator users logged in, causing the application to send...

6.5CVSS5.8AI score0.00281EPSS
Exploits1References2
packetstormnews
packetstormnews
added 2026/05/08 12:0 a.m.31 views

SecureForge: Finding and Preventing Vulnerabilities in LLM-Generated Code Via Prompt Optimization

LLM coding agents now generate code at an unprecedented scale, yet LLM-generated code introduces cybersecurity vulnerabilities into codebases without human involvement. Even when frontier models are explicitly asked to write secure production code with relevant weaknesses to avoid in context, we...

5.8AI score
Exploits0
Rows per page
Query Builder