LibreChat 安全漏洞

LibreChat is an open-source, free, and highly customizable unified AI dialogue platform. It allows for the aggregation and running of large models from any vendor within one interface. LibreChat versions 0.8.3 and earlier have a security vulnerability caused by improper access control to the MCP...

OpenID Connect 授权问题漏洞

OpenID Connect OIDC is a library open-sourced by XWiki Contrib. Makes XWiki a reusable identity provider for any application. An authorization issue vulnerability exists in OpenID Connect OIDC version 2.17.1 through versions prior to 2.18.2, which stems from a user with view privileges being able...

CVE-2025-25711

An issue in dtp.ae tNexus Airport View v.2.8 allows a remote attacker to escalate privileges via the ProfileID value to the /tnexus/rest/admin/updateUser API endpoint...

Cybozu Garoon Bypass View Privilege Vulnerability

Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. A security vulnerability exists in Cybozu Garoon versions 4.0.0 to 5.0.1. A remote attacker can exploit the...

Privilege Escalation

mysql is vulnerable to privilege escalation. A flaw was found in a way MySQL handled the "DEFINER" view parameter. A user with the "ALTER VIEW" privilege for a view created by another database user, could modify that view to get access to any data accessible to the creator of said view...

mysql security update

CentOS Errata and Security Advisory CESA-2007:1222-001 Updated mysql packages that fix several security issues are now available for Red Hat Application Stack v1 and v2. This update has been rated as having important security impact by the Red Hat Security Response Team. MySQL is a multi-user,...