25 matches found

RedhatCVE
added 2026/06/05 7:50 p.m., 12 views

CVE-2026-7397

A security flaw has been discovered in NousResearch hermes-agent 0.8.0. This affects the function _check_sensitive_path of the file tools/file_tools.py. The manipulation results in symlink following. Attacking locally is a requirement. The exploit has been released to the public and may be used for...

CVSS 4.8, AI score 5, EPSS 0.00138
Exploits 0, References 1
Positive Technologies
added 2026/05/29 12:00 a.m., 10 views

PT-2026-47556

Impact: The Ironic Standalone Operator (IRSO) is the operator that maintains an Ironic deployment for Metal3. The Prometheus metrics exporter binds to 0.0.0.0 (all network interfaces) by default with no authentication. The exporter is disabled in the default config. If enabled, this exposes operational metrics to any ho...

CVSS 4.3, AI score 5.5
Exploits 0, References 4
EUVD
added 2026/05/15 7:40 p.m., 17 views

EUVD-2026-30618

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the type: "file" non-full-context, type: "text" with collectionname, and bare collectionname/collectionnames paths in the getsourcesfromitems function perform vector store queries...

CVSS 6.5, AI score 5.8, EPSS 0.00366
Exploits 1, References 1
Snyk
added 2026/05/14 8:26 p.m., 8 views

Missing Authorization

Overview: open-webui is Open WebUI. Affected versions of this package are vulnerable to Missing Authorization in the GET /api/tasks and POST /api/tasks/stop/taskid endpoints, which lack proper ownership checks. An attacker can enumerate and terminate background tasks belonging to other users by...

CVSS 7.1, AI score 5.8, EPSS 0.0027
Exploits 1, References 2
Snyk
added 2026/05/14 8:19 p.m., 9 views

Server-side Request Forgery (SSRF)

Overview: open-webui is Open WebUI. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) through the OAuthManager profile picture fetch path in the OAuth handling code. An attacker can make the server send outbound requests to arbitrary URLs by supplying a malicio...

CVSS 7.7, AI score 5.9, EPSS 0.00381
Exploits 1, References 2
Snyk
added 2026/05/08 8:01 p.m., 9 views

Incorrect Authorization

Overview: open-webui is Open WebUI. Affected versions of this package are vulnerable to Incorrect Authorization in the isuserchannelmember function. An attacker can retain unauthorized read and write access to group or direct message channels by making direct API calls after being deactivated fr...

CVSS 5.4, AI score 5.8, EPSS 0.00178
Exploits 1, References 3
Cvelist
added 2026/04/29 6:00 p.m., 31 views

CVE-2026-7397 NousResearch hermes-agent file_tools.py _check_sensitive_path symlink

A security flaw has been discovered in NousResearch hermes-agent 0.8.0. This affects the function _check_sensitive_path of the file tools/file_tools.py. The manipulation results in symlink following. Attacking locally is a requirement. The exploit has been released to the public and may be used for...

CVSS 4.8, EPSS 0.00138
Exploits 0, References 8
Snyk
added 2026/03/27 1:23 a.m., 2 views

Origin Validation Error

Overview: Affected versions of this package are vulnerable to Origin Validation Error during the intra-handshake attestation. An attacker can impersonate a trusted service endpoint and gain unauthorized access to sensitive data or operations by extracting the ephemeral TLS private key through...

CVSS 7.8, AI score 5.9, EPSS 0.00062
Exploits 0, References 3
Vulnrichment
added 2026/03/13 3:23 p.m., 3 views

CVE-2025-60012 Apache Livy: Restrict file access

Malicious configuration can lead to unauthorized file access in Apache Livy. This issue affects Apache Livy 0.7.0 and 0.8.0 when connecting to Apache Spark 3.1 or later. A request that includes a Spark configuration value supported from Apache Spark version 3.1 can lead to users gaining access to...

AI score 5.8, EPSS 0.00488
Exploits 1, References 1
SUSE CVE
added 2026/03/04 12:29 a.m., 2 views

SUSE CVE-2026-21434

webtransport-go is an implementation of the WebTransport protocol. From 0.3.0 to 0.9.0, an attacker can cause excessive memory consumption in webtransport-go's session implementation by sending a WT_CLOSE_SESSION capsule containing an excessively large Application Error Message. The implementation...

CVSS 7.5, AI score 5.9, EPSS 0.00413
Exploits 0, References 3
Cvelist
added 2026/02/20 3:47 p.m., 21 views

CVE-2026-22357 WordPress Link Whisper Free plugin <= 0.9.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spencer Haws Link Whisper Free (link-whisper) allows Reflected XSS. This issue affects Link Whisper Free: from n/a through <= 0.9.2...

CVSS 7.1, EPSS 0.0018
Exploits 0, References 1
CVE
added 2026/02/20 3:47 p.m., 14 views

CVE-2026-22357

CVE-2026-22357 corresponds to a Reflected XSS in the WordPress Link Whisper Free plugin (versions up to 0.9.2 as stated in the initial document). The vulnerability involves improper input handling during web page generation, enabling reflected cross-site scripting. The connected Wordfence summary...

CVSS 7.1, AI score 5.9, EPSS 0.0018
Exploits 0, References 1
vulnersOsv
added 2025/10/18 12:00 p.m., 7 views

CuPs (>=0.0.0 <=0.0.5), Druid_task1 (=0.1.0) +94 more potentially affected by unknown CVE via unic-ucd-bidi (>=0.1.1 <=0.9.0)

unic-ucd-bidi CARGO version =0.1.1, =0.0.0, =1.11.3, =0.3.0, =0.1.0-alpha.4, =0.3.0, =0.4.0, =0.2.4-beta, =0.7.0, =0.4.0, =0.5.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0083...

AI score 5.8
Exploits 0
Snyk
added 2025/05/30 7:41 p.m., 3 views

Improper Input Validation

Overview: vllm is a high-throughput and memory-efficient inference and serving engine for LLMs. Affected versions of this package are vulnerable to Improper Input Validation in the pattern and type fields. An attacker can cause a crash of the inference worker by sending inputs containing...

CVSS 8.7, AI score 6.9, EPSS 0.00449
Exploits 1, References 2
CNNVD
added 2025/05/30 12:00 a.m., 4 views

vLLM Security Vulnerability

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs from the vLLM open-source project. A security vulnerability exists in vLLM versions from 0.8.0 up to 0.9.0, which stems from the use of an invalid jsonschema call to the /v1/completions API that could cause the serv...

CVSS 6.5, AI score 6.3, EPSS 0.00453
Exploits 1, References 5
CNNVD
added 2025/05/29 12:00 a.m., 2 views

vLLM Security Vulnerability

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs from the vLLM open-source project. A security vulnerability exists in vLLM versions from 0.7.0 up to 0.9.0, which stems from the image hash method using only raw pixel data without including metadata, which...

CVSS 7.3, AI score 6.3, EPSS 0.00266
Exploits 0, References 4
RedhatCVE
added 2025/05/23 10:32 a.m., 27 views

CVE-2024-8642

In Eclipse Dataspace Components, from version 0.5.0 and before version 0.9.0, the ConsumerPullTransferTokenValidationApiController does not check token validity (expiry, not-before, issuance date), which can allow an attacker to bypass the check for token expiration. The issue requires to have ...

CVSS 8.1, AI score 7, EPSS 0.00407
Exploits 0, References 1
Positive Technologies
added 2024/09/27 12:00 a.m., 6 views

PT-2024-39485 · Eclipse · Eclipse Dataspace Components

Name of the Vulnerable Software and Affected Versions: Eclipse Dataspace Components versions 0.1.3 through 0.9.0. Description: The issue concerns the Connector component in Eclipse Dataspace Components, which is responsible for filtering datasets that another party can see in a requested catalog...

CVSS 5.3, AI score 6.9, EPSS 0.00372
Exploits 0, References 10
CNNVD
added 2024/09/27 12:00 a.m., 3 views

Eclipse Dataspace Components Security Vulnerability

Eclipse Dataspace Components is a dataspace connector from the Eclipse Dataspace Components open-source project. A security vulnerability exists in Eclipse Dataspace Components versions 0.1.3 through 0.9.0, which stems from a lack of proper filtering and exposes sensitive information...

CVSS 5.3, AI score 6.5, EPSS 0.00372
Exploits 0, References 4
Positive Technologies
added 2024/09/11 12:00 a.m., 5 views

PT-2024-7968 · Eclipse · Eclipse Dataspace Components

Name of the Vulnerable Software and Affected Versions: Eclipse Dataspace Components versions 0.5.0 through 0.9.0. Description: The issue is related to the ConsumerPullTransferTokenValidationApiController component, which has inadequate authentication procedures. This allows a remote attacker to...

CVSS 8.5, AI score 7.8, EPSS 0.00407
Exploits 0, References 14