Lucene search
+L

8 matches found

nvd
nvd
added 2026/07/08 8:16 p.m.5 views

CVE-2026-59822

LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. Prior to 1.84.0, LiteLLM's MCP Streamable HTTP endpoint allowed an unauthenticated attacker to use a fabricated Authorization header to trigger an OAuth2 passthrough fallback path that replaced failed LiteLLM key...

8.8CVSS0.00243EPSS
Exploits0References4
ubuntucve
ubuntucve
added 2026/04/23 12:0 a.m.14 views

CVE-2026-35058

server ASSERT on receiving a suitably malformed packet with a valid tls-crypt-v2 key...

5.8AI score0.00317EPSS
Exploits0References3
snyk
snyk
added 2026/04/08 8:2 p.m.1 views

Directory Traversal

Overview agixt is an An Artificial Intelligence Automation Platform. AI Instruction management from various providers, has an adaptive memory, and a versatile plugin system with many commands including web browsing. Supports many AI providers and models and growing support every day. Affected...

8.8CVSS6.4AI score0.01318EPSS
Exploits1References2
cvelist
cvelist
added 2026/02/19 10:24 p.m.24 views

CVE-2026-26320 OpenClaw macOS deep link confirmation truncation can conceal executed agent message

OpenClaw is a personal AI assistant. OpenClaw macOS desktop client registers the openclaw:// URL scheme. For openclaw://agent deep links without an unattended key, the app shows a confirmation dialog that previously displayed only the first 240 characters of the message, but executed the full...

7.1CVSS0.00426EPSS
Exploits0References3
susecve
susecve
added 2023/02/15 4:52 a.m.3 views

SUSE CVE-2017-3143

An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0-9.8.8, 9.9.0-9.9.10-P1,...

7.5CVSS6.8AI score0.18157EPSS
Exploits1References10
osv
osv
added 2017/06/29 12:0 a.m.2 views

UBUNTU-CVE-2017-3142

An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection wit...

5.3CVSS6.6AI score0.05356EPSS
Exploits0References5
pypa
pypa
added 2013/11/05 6:55 p.m.7 views

PYSEC-2013-14

Salt aka SaltStack before 0.15.0 through 0.17.0 allows remote authenticated minions to impersonate arbitrary minions via a crafted minion with a valid key...

4.9CVSS6.9AI score0.01473EPSS
Exploits0References4Affected Software1
osv
osv
added 2013/11/05 6:55 p.m.4 views

UBUNTU-CVE-2013-4439

Salt aka SaltStack before 0.15.0 through 0.17.0 allows remote authenticated minions to impersonate arbitrary minions via a crafted minion with a valid key...

4.9CVSS5.9AI score0.01473EPSS
Exploits0References5
Rows per page
Query Builder