
16 matches found

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2025-22333

Malicious code in bioql PyPI...

6.1 CVSS · 6.4 AI score · 0.00181 EPSS
Exploits 1 · References 1

EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2025-22332

Malicious code in bioql PyPI...

6.1 CVSS · 6.4 AI score · 0.00252 EPSS
Exploits 2 · References 1

RedhatCVE
added 2025/07/24 12:23 a.m. · 4 views

CVE-2025-51860

Stored Cross-Site Scripting (XSS) in TelegAI (telegai.com) 2025-05-26 in its chat component and character container component. An attacker can achieve arbitrary client-side script execution by crafting an AI Character with SVG XSS payloads in either description, greeting, example dialog, or system...

6.1 CVSS · 5.2 AI score · 0.00252 EPSS
Exploits 2 · References 1

RedhatCVE
added 2025/07/24 12:23 a.m. · 5 views

CVE-2025-51862

Insecure Direct Object Reference (IDOR) vulnerability in TelegAI (telegai.com) thru 2025-05-26 in its chat component. An attacker can exploit this IDOR to tamper with other users' conversations. Additionally, malicious content and XSS payloads can be injected, leading to phishing attacks, user spoofing and...

6.1 CVSS · 5.6 AI score · 0.00181 EPSS
Exploits 1 · References 1

NVD
added 2025/07/22 3:15 p.m. · 3 views

CVE-2025-51862

Insecure Direct Object Reference (IDOR) vulnerability in TelegAI (telegai.com) thru 2025-05-26 in its chat component. An attacker can exploit this IDOR to tamper with other users' conversations. Additionally, malicious content and XSS payloads can be injected, leading to phishing attacks, user spoofing and...

6.1 CVSS · 0.00181 EPSS
Exploits 1 · References 1

NVD
added 2025/07/22 3:15 p.m. · 3 views

CVE-2025-51860

Stored Cross-Site Scripting (XSS) in TelegAI (telegai.com) 2025-05-26 in its chat component and character container component. An attacker can achieve arbitrary client-side script execution by crafting an AI Character with SVG XSS payloads in either description, greeting, example dialog, or system...

6.1 CVSS · 0.00252 EPSS
Exploits 2 · References 1

Positive Technologies
added 2025/07/22 12:0 a.m. · 1 view

PT-2025-30419 · Telegai · Telegai

Name of the Vulnerable Software and Affected Versions: TelegAI (affected versions not specified). Description: The application contains a stored cross-site scripting (XSS) issue in its chat component and character container component. An attacker can execute arbitrary client-side scripts by creating a...

6.1 CVSS · 5.2 AI score · 0.00252 EPSS
Exploits 2 · References 3

Vulnrichment
added 2025/07/22 12:0 a.m. · 3 views

CVE-2025-51860

Stored Cross-Site Scripting (XSS) in TelegAI (telegai.com) 2025-05-26 in its chat component and character container component. An attacker can achieve arbitrary client-side script execution by crafting an AI Character with SVG XSS payloads in either description, greeting, example dialog, or system...

5.5 AI score · 0.00252 EPSS
Exploits 2 · References 1

Cvelist
added 2025/07/22 12:0 a.m. · 7 views

CVE-2025-51862

Insecure Direct Object Reference (IDOR) vulnerability in TelegAI (telegai.com) thru 2025-05-26 in its chat component. An attacker can exploit this IDOR to tamper with other users' conversations. Additionally, malicious content and XSS payloads can be injected, leading to phishing attacks, user spoofing and...

0.00181 EPSS
Exploits 1 · References 1

CVE
added 2025/07/22 12:0 a.m. · 12 views

CVE-2025-51860

TelegAI (telegai.com) is affected by a Stored XSS (CVE-2025-51860) in its chat component and character container. The vulnerability allows an attacker to craft an AI Character with SVG XSS payloads in fields such as description, greeting, example dialog, or system prompt, causing arbitrary client...

6.1 CVSS · 5.5 AI score · 0.00252 EPSS
Exploits 2 · References 1

CVE
added 2025/07/22 12:0 a.m. · 11 views

CVE-2025-51862

TelegAI (telegai.com) is affected by an Insecure Direct Object Reference (IDOR) vulnerability in its chat component. Exploitation relies on manipulating the profile_id in chat-related API calls (as evidenced by the GitHub exploit, PT-2025-30420 description, and other reports), enabling an attacke...

6.1 CVSS · 6.2 AI score · 0.00181 EPSS
Exploits 1 · References 1

Cvelist
added 2025/07/22 12:0 a.m. · 7 views

CVE-2025-51860

Stored Cross-Site Scripting (XSS) in TelegAI (telegai.com) 2025-05-26 in its chat component and character container component. An attacker can achieve arbitrary client-side script execution by crafting an AI Character with SVG XSS payloads in either description, greeting, example dialog, or system...

0.00252 EPSS
Exploits 2 · References 1

Positive Technologies
added 2025/07/22 12:0 a.m. · 1 view

PT-2025-30420 · Telegai · Telegai

Name of the Vulnerable Software and Affected Versions: TelegAI versions through 2025-05-26. Description: An Insecure Direct Object Reference (IDOR) vulnerability exists in the chat component of TelegAI. This allows an attacker to tamper with other users' conversations. Additionally, malicious conten...

6.1 CVSS · 5.4 AI score · 0.00181 EPSS
Exploits 1 · References 3

Vulnrichment
added 2025/07/22 12:0 a.m. · 4 views

CVE-2025-51862

Insecure Direct Object Reference (IDOR) vulnerability in TelegAI (telegai.com) thru 2025-05-26 in its chat component. An attacker can exploit this IDOR to tamper with other users' conversations. Additionally, malicious content and XSS payloads can be injected, leading to phishing attacks, user spoofing and...

6.2 AI score · 0.00181 EPSS
Exploits 1 · References 1

CNNVD
added 2025/07/22 12:0 a.m. · 1 view

TelegAI Cross-Site Scripting Vulnerability

TelegAI is an AI chatbot website from TelegAI, Inc. A cross-site scripting vulnerability exists in TelegAI version 2025-05-26, which stems from an SVG cross-site scripting payload that can be embedded in AI role descriptions, leading to a stored cross-site scripting attack...

6.1 CVSS · 5.8 AI score · 0.00252 EPSS
Exploits 2 · References 3

GithubExploit
added 2025/07/19 12:19 p.m. · 164 views

Exploit for CVE-2025-51862

CVE-2025-51862 Vulnerability description TelegAI, a web...

6.1 CVSS · 6.4 AI score · 0.00252 EPSS
Exploits 2