
8 matches found

NVD
added 2026/04/20 6:16 a.m., 0 views

CVE-2026-6608

A vulnerability was detected in lm-sys fastchat up to 0.2.36. Impacted is the function addtext of the component Arena Side-by-Side View Handler. The manipulation results in incorrect control flow. The attack can be launched remotely. The exploit is now public and may be used. The root cause was...

CVSS 6.9, EPSS 0.00049
Exploits: 0, References: 6

CNNVD
added 2026/04/20 12:0 a.m., 3 views

FastChat security vulnerability

FastChat is an open-source platform developed by LMSYS for training, deploying, and evaluating chatbots based on large language models. Versions of FastChat prior to 0.2.36 contain security vulnerabilities. These vulnerabilities stem from incorrect operations on the addtext function in the Arena...

CVSS 6.9, AI score 6.1, EPSS 0.00049
Exploits: 0, References: 1

CNNVD
added 2026/04/09 12:0 a.m., 2 views

PublicCMS security vulnerability

PublicCMS is an open-source content management system (CMS) developed by PublicCMS Company in China, written in the Java language. Versions of PublicCMS 6.202506.d and earlier contain security vulnerabilities. These vulnerabilities stem from operations on the...

CVSS 5.8, AI score 5.8, EPSS 0.00061
Exploits: 0, References: 5

EUVD
added 2025/12/16 6:31 p.m., 1 views

EUVD-2025-203770

InvoicePlane commit debb446c is vulnerable to Incorrect Access Control. The invoices/view handler fails to verify ownership before returning invoice data...

CVSS 5.3, AI score 6.4, EPSS 0.00037
Exploits: 1, References: 3

Cvelist
added 2025/12/16 12:0 a.m., 23 views

CVE-2025-64012

InvoicePlane commit debb446c is vulnerable to Incorrect Access Control. The invoices/view handler fails to verify ownership before returning invoice data...

EPSS 0.00037
Exploits: 1, References: 2

CVE
added 2025/12/16 12:0 a.m., 6 views

CVE-2025-64012

CVE-2025-64012 affects InvoicePlane. The vulnerability is an Incorrect Access Control flaw in the invoices/view handler where ownership is not verified before returning invoice data, potentially leaking invoice information. Root cause is lack of ownership verification around invoice data disclosu...

CVSS 4.3, AI score 6.5, EPSS 0.00037
Exploits: 1, References: 2, Affected Software: 1

OSV
added 2025/05/29 3:31 p.m., 1 views

GHSA-GP5H-F9C5-8355 Aim Vulnerable to Sandbox Escape Leading to Remote Code Execution

A vulnerability classified as critical was found in aimhubio aim up to 3.29.1. This vulnerability affects the function RestrictedPythonQuery of the file /aim/storage/query.py of the component runview Object Handler. The manipulation of the argument Query leads to sandbox issue. The attack can be...

CVSS 6.3, AI score 5.5, EPSS 0.00376
Exploits: 1, References: 6

CNNVD
added 2025/05/29 12:0 a.m., 2 views

Aim security vulnerability

Aim is an easy-to-use and high-performance open source experiment tracker from Aim Open Source USA. Aim 3.29.1 and earlier versions have a security vulnerability that stems from improper handling of the Query parameter in the runview Object Handler component, which could lead to sandboxing issues...

CVSS 9.9, AI score 6.3, EPSS 0.00376
Exploits: 1, References: 4