Lucene search

4 matches found

Positive Technologies
added 2026/01/21 12:0 a.m., 5 views

PT-2026-3859

Name of the Vulnerable Software and Affected Versions: SQLBot versions prior to 1.5.0. Description: SQLBot is an intelligent data query system based on a large language model and RAG. A missing authentication check in the /api/v1/datasource/uploadExcel endpoint allows unauthenticated remote attacker...

CVSS 8.7 | AI score 5.7 | EPSS 0.00394
Exploits: 1 | References: 9
CVE
added 2025/08/05 11:36 p.m., 17 views

CVE-2025-54883

Summary: CVE-2025-54883 affects Vision UI up to version 1.4.0, where the internal getSecureRandomInt in security-kit pre-3.5.0 uses a 32‑bit mask in rejection sampling that overflows, producing a non-uniform distribution of random numbers when the requested entropy exceeds 32 bits. The root cause...

CVSS 9.3 | AI score 6.6 | EPSS 0.00346
Exploits: 0 | References: 2
CVE
added 2025/03/14 12:47 p.m., 61 views

CVE-2025-26626

GLPI Inventory Plugin (for GLPI) is affected by a reflective cross-site scripting vulnerability in versions prior to 1.5.0. The issue allows execution of JavaScript code and is tracked as CVE-2025-26626. A fixed release is 1.5.0. The CVSSv3.1 base score is 6.5 (MEDIUM), with network attack vector...

CVSS 6.5 | AI score 6.4 | EPSS 0.00316
Exploits: 0 | References: 2
OSV
added 2022/05/14 3:45 a.m., 17 views

GHSA-W4X6-J349-9R57 Apache NiFi host header poisoning issue

A malicious host header in an incoming HTTP request could cause NiFi to load resources from an external server. The fix to sanitize host headers and compare to a controlled whitelist was applied on the Apache NiFi 1.5.0 release. Users running a prior 1.x release should upgrade to the appropriate...

CVSS 7.5 | AI score 7.4 | EPSS 0.02902
Exploits: 3 | References: 2