Lucene search
K

27 matches found

Cvelist
Cvelist
added 2025/10/14 4:24 p.m.10 views

CVE-2025-36730 Windsurf Prompt Injection via Filename

A prompt injection vulnerability exists in Windsurft version 1.10.7 in Write mode using SWE-1 model. It is possible to create a file name that will be appended to the user prompt causing Windsurf to follow its instructions...

4.6CVSS0.00178EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/14 4:24 p.m.3 views

CVE-2025-36730 Windsurf Prompt Injection via Filename

A prompt injection vulnerability exists in Windsurft version 1.10.7 in Write mode using SWE-1 model. It is possible to create a file name that will be appended to the user prompt causing Windsurf to follow its instructions...

4.6CVSS6.8AI score0.00178EPSS
Exploits0References1
CVE
CVE
added 2025/10/14 4:24 p.m.10 views

CVE-2025-36730

Windsurf/Windsurft CVE-2025-36730 is a prompt-injection vulnerability affecting Windsurf/Windsurft version 1.10.7 when operating in Write mode with the SWE-1 model. The issue arises from a crafted file name that becomes appended to the user prompt, causing Windsurf to follow its instructions. Doc...

4.6CVSS6.8AI score0.00178EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/14 4:24 p.m.4 views

EUVD-2025-34255

A prompt injection vulnerability exists in Windsurft version 1.10.7 in Write mode using SWE-1 model. It is possible to create a file name that will be appended to the user prompt causing Windsurf to follow its instructions...

4.6CVSS6.7AI score0.00178EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/14 12:0 a.m.4 views

Windsurf 安全漏洞

Windsurf is an AI programming software from Windsurf. A security vulnerability exists in Windsurf version 1.10.7, which stems from the possibility of creating filenames appended to user prompts when using the SWE-1 model in Write mode, causing Windsurf to execute its commands...

4.6CVSS7AI score0.00178EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/14 12:0 a.m.5 views

PT-2025-41975

A prompt injection vulnerability exists in Windsurft version 1.10.7 in Write mode using SWE-1 model. It is possible to create a file name that will be appended to the user prompt causing Windsurf to follow its instructions...

4.6CVSS7.3AI score0.00178EPSS
Exploits0References2
Openbugbounty
Openbugbounty
added 2023/04/28 11:3 a.m.6 views

windsurf-silbersee.de Cross Site Scripting vulnerability OBB-3278968

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6AI score
Exploits0
Rows per page
Query Builder