Lucene search
+L

4 matches found

vulnrichment
vulnrichment
added 2026/06/02 10:40 p.m.12 views

CVE-2026-44653 LibreChat Shared MCP Server View Leaks Decrypted Admin Secrets

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to and including 0.8.3, users with only VIEW access to an MCP server can retrieve the server's decrypted admin-managed secrets through GET /api/mcp/servers and GET /api/mcp/servers/:serverName. The returned...

6.5CVSS5.7AI score0.00276EPSS
Exploits1References1
nessus
nessus
added 2025/09/08 12:0 a.m.9 views

Amazon Linux 2023 : postgresql15, postgresql15-contrib, postgresql15-llvmjit (ALAS2023-2025-1165)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1165 advisory. PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy...

8.8CVSS7.5AI score0.0257EPSS
Exploits2References8
redhat
redhat
added 2025/09/02 5:24 a.m.9 views

postgresql: PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table

An access control bypass flaw has been discovered in PostgreSQL. The PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide...

3.1CVSS7AI score0.0022EPSS
Exploits0References5
redhat
redhat
added 2025/09/02 4:7 a.m.17 views

postgresql: PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table

An access control bypass flaw has been discovered in PostgreSQL. The PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide...

3.1CVSS7AI score0.0022EPSS
Exploits0References5
Rows per page
Query Builder