2 matches found
CVE-2024-52586
eLabFTW is an open source electronic lab notebook for research labs. A vulnerability has been found starting in version 4.6.0 and prior to version 5.1.0 that allows an attacker to bypass eLabFTW's built-in multifactor authentication mechanism. An attacker who can authenticate locally by knowing o...
CVE-2025-25183
CVE-2025-25183 affects vLLM (prefix cache) where malicious inputs can trigger Python 3.12’s hash(None) behaving as a predictable constant, enabling hash collisions in the prefix cache. This may allow cache entries created from one prompt to be reused for another, causing unintended behavior in re...