CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

RedhatCVE•added 2025/12/10 9:16 p.m.•1 views

CVE-2025-14116

A vulnerability was detected in xerrors Yuxi-Know up to 0.4.0. This vulnerability affects the function OtherEmbedding.aencode of the file /src/models/embed.py. Performing manipulation of the argument healthurl results in server-side request forgery. The attack can be initiated remotely. The explo...

5.8CVSS6.8AI score0.00049EPSS

Exploits0References1

EUVD•added 2025/12/06 12:31 a.m.•1 views

EUVD-2025-201505

5.8CVSS6.4AI score0.00049EPSS

Exploits0References6

NVD•added 2025/12/05 11:15 p.m.•1 views

CVE-2025-14116

5.8CVSS0.00049EPSS

Exploits0References5

Cvelist•added 2025/12/05 10:32 p.m.•18 views

CVE-2025-14116 xerrors Yuxi-Know embed.py OtherEmbedding.aencode server-side request forgery

5.8CVSS0.00049EPSS

Exploits0References5

Vulnrichment•added 2025/12/05 10:32 p.m.•1 views

CVE-2025-14116 xerrors Yuxi-Know embed.py OtherEmbedding.aencode server-side request forgery

5.8CVSS6.6AI score0.00049EPSS

Exploits0References5

CVE•added 2025/12/05 10:32 p.m.•5 views

CVE-2025-14116

CVE-2025-14116 affects xerrors Yuxi-Know up to 0.4.0. The vulnerability is in the function OtherEmbedding.aencode in /src/models/embed.py; manipulating the health_url argument can lead to server-side request forgery (SSRF). Exploitation is possible remotely, and an exploit is publicly available. ...

5.8CVSS6.6AI score0.00049EPSS

Exploits0References5

Positive Technologies•added 2025/12/05 12:0 a.m.•2 views

PT-2025-49320

Name of the Vulnerable Software and Affected Versions xerrors Yuxi-Know versions up to 0.4.0 Description A server-side request forgery condition exists in the OtherEmbedding.aencode function within the /src/models/embed.py file. Manipulation of the health url argument can trigger this issue,...

5.8CVSS4.8AI score0.00049EPSS

Exploits0References8