25 matches found
CVE-2026-7397
A security flaw has been discovered in NousResearch hermes-agent 0.8.0. This affects the function checksensitivepath of the file tools/filetools.py. The manipulation results in symlink following. Attacking locally is a requirement. The exploit has been released to the public and may be used for...
PT-2026-47556
Impact The Ironic Standalone Operator IRSO is the operator to maintain an Ironic deployment for Metal3. The Prometheus metrics exporter binds to 0.0.0.0 all network interfaces by default with no authentication. The default config is disabled. If enabled, this exposes operational metrics to any ho...
EUVD-2026-30618
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the type: "file" non-full-context, type: "text" with collectionname, and bare collectionname/collectionnames paths in the getsourcesfromitems function perform vector store queries...
Missing Authorization
Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Missing Authorization in the GET /api/tasks and POST /api/tasks/stop/taskid endpoints, which lack proper ownership checks. An attacker can enumerate and terminate background tasks belonging to other users by...
Server-side Request Forgery (SSRF)
Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Server-side Request Forgery SSRF through the OAuthManager profile picture fetch path in the OAuth handling code. An attacker can make the server send outbound requests to arbitrary URLs by supplying a malicio...
Incorrect Authorization
Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Incorrect Authorization in the isuserchannelmember function. An attacker can retain unauthorized read and write access to group or direct message channels by making direct API calls after being deactivated fr...
CVE-2026-7397 NousResearch hermes-agent file_tools.py _check_sensitive_path symlink
A security flaw has been discovered in NousResearch hermes-agent 0.8.0. This affects the function checksensitivepath of the file tools/filetools.py. The manipulation results in symlink following. Attacking locally is a requirement. The exploit has been released to the public and may be used for...
Origin Validation Error
Overview Affected versions of this package are vulnerable to Origin Validation Error during the intra-handshake attestation.. An attacker can impersonate a trusted service endpoint and gain unauthorized access to sensitive data or operations by extracting the ephemeral TLS private key through...
CVE-2025-60012 Apache Livy: Restrict file access
Malicious configuration can lead to unauthorized file access in Apache Livy. This issue affects Apache Livy 0.7.0 and 0.8.0 when connecting to Apache Spark 3.1 or later. A request that includes a Spark configuration value supported from Apache Spark version 3.1 can lead to users gaining access to...
SUSE CVE-2026-21434
webtransport-go is an implementation of the WebTransport protocol. From 0.3.0 to 0.9.0, an attacker can cause excessive memory consumption in webtransport-go's session implementation by sending a WTCLOSESESSION capsule containing an excessively large Application Error Message. The implementation...
CVE-2026-22357 WordPress Link Whisper Free plugin <= 0.9.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spencer Haws Link Whisper Free link-whisper allows Reflected XSS.This issue affects Link Whisper Free: from n/a through = 0.9.2...
CVE-2026-22357
CVE-2026-22357 corresponds to a Reflected XSS in the WordPress Link Whisper Free plugin (versions up to 0.9.2 as stated in the initial document). The vulnerability involves improper input handling during web page generation, enabling reflected cross-site scripting. The connected Wordfence summary...
CuPs (>=0.0.0 <=0.0.5), Druid_task1 (=0.1.0) +94 more potentially affected by unknown CVE via unic-ucd-bidi (>=0.1.1 <=0.9.0)
unic-ucd-bidi CARGO version =0.1.1, =0.0.0, =1.11.3, =0.3.0, =0.1.0-alpha.4, =0.3.0, =0.4.0, =0.2.4-beta, =0.7.0, =0.4.0, =0.5.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0083...
Improper Input Validation
Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Improper Input Validation in the pattern and type fields. An attacker can cause a crash of the inference worker by sending inputs containing...
vLLM 安全漏洞
vLLM is a high throughput and memory efficient inference and service engine for LLM from the vLLM open source. A security vulnerability exists in vLLM versions prior to 0.8.0 through 0.9.0, which stems from the use of an invalid jsonschema call to the /v1/completions API that could cause the serv...
vLLM 安全漏洞
vLLM is a high throughput and memory efficient inference and service engine for LLM from the vLLM open source. A security vulnerability exists in vLLM versions prior to 0.7.0 through 0.9.0, which stems from the use of only raw pixel data without including metadata in the image hash method, which...
CVE-2024-8642
In Eclipse Dataspace Components, from version 0.5.0 and before version 0.9.0, the ConsumerPullTransferTokenValidationApiController does not check for token validity expiry, not-before, issuance date, which can allow an attacker to bypass the check for token expiration. The issue requires to have ...
PT-2024-39485 · Eclipse · Eclipse Dataspace Components
Name of the Vulnerable Software and Affected Versions: Eclipse Dataspace Components versions 0.1.3 through 0.9.0 Description: The issue concerns the Connector component in Eclipse Dataspace Components, which is responsible for filtering datasets that another party can see in a requested catalog...
Eclipse Dataspace Components 安全漏洞
Eclipse Dataspace Components is a development connector for the Eclipse Dataspace Components open source. A security vulnerability exists in Eclipse Dataspace Components versions 0.1.3 through 0.9.0, which stems from a lack of proper filtering to expose sensitive information...
PT-2024-7968 · Eclipse · Eclipse Dataspace Components
Name of the Vulnerable Software and Affected Versions: Eclipse Dataspace Components versions 0.5.0 through 0.9.0 Description: The issue is related to the ConsumerPullTransferTokenValidationApiController component, which has inadequate authentication procedures. This allows a remote attacker to...