4072 matches found

Huntr
added 2026/01/16 8:47 a.m., 11 views

H2O-3 PostgreSQL Driver RCE - Bypassing CVE-2025-6544 Mitigation

Description A critical remote code execution vulnerability exists in the unauthenticated REST API endpoint /99/ImportSQLTable in H2O-3 version 3.46.0.9 and prior. The current security mitigation implemented in H2O-3 relies on a parameter blacklist mechanism that exclusively targets MySQL JDBC...

CVSS 9.8 | AI score 6.9 | EPSS 0.00938
Exploits: 2

Huntr
added 2026/01/14 7:2 p.m., 6 views

Uncontrolled Recursion in NLTK StupidBackoff Language Model Allows Denial of Service

This report is not public...

AI score 5.3
Exploits: 0

Huntr
added 2026/01/13 3:32 a.m., 14 views

Integer Overflow lead to DOS in handling Accept-Encoding header in API /v2/models/<model-name>/generate

This report is not public...

AI score 5.8
Exploits: 0

Huntr
added 2026/01/12 2:22 a.m., 6 views

XSS in Chat Message Leads to Account Takeover

Description The vulnerability resides in the data persistence layer of the application. The fromdict method in the AppLollmsMessage class acts as a "sink" for raw data. It retrieves the content value from an input dictionary and assigns it directly to the object without any form of sanitization o...

CVSS 8.2 | AI score 6 | EPSS 0.00258
Exploits: 1

Huntr
added 2026/01/11 8:12 p.m., 4 views

Arbitrary File Read via Log Symlink following in FileTaskHandler

This report is not public...

AI score 5.3
Exploits: 0

Huntr
added 2026/01/10 6:22 a.m., 6 views

Stored XSS in Home Feed via Post Content Lead to Account Takeover

Description A Stored Cross-Site Scripting XSS vulnerability was identified in the social feature of the application. The backend fails to sanitize user-provided content in the post creation endpoint. This allows an attacker to inject and store malicious JavaScript, which is then executed in the...

CVSS 9.6 | AI score 7.5 | EPSS 0.00405
Exploits: 1

Huntr
added 2026/01/08 2:20 a.m., 5 views

Session is not expiring after password resetting

This report is not public...

CVSS 4.1 | AI score 5.9 | EPSS 0.0021
Exploits: 0

Huntr
added 2026/01/07 1:6 p.m., 5 views

Path Traversal in Agent Flows via `uuid` (Arbitrary .json File Read/Delete)

Description : Summary I discovered a Path Traversal vulnerability in the AgentFlows component that allows reading and deleting arbitrary .json files on the server. The issue stems from the improper usage of path.join combined with normalizePath. The application resolves the file path using user...

CVSS 9.1 | AI score 7.1 | EPSS 0.00809
Exploits: 1

Huntr
added 2026/01/07 6:18 a.m., 6 views

Improper Access Control via Weak JWT Token Leads to Admin Takeover and Privilege Escalation

Description The application's session management is vulnerable to Authorization Bypass and Vertical Privilege Escalation. During dynamic analysis of the application's authentication flow, I discovered that the JSON Web Tokens JWT are signed with a weak secret key. This allowed me to perform an...

CVSS 9.8 | AI score 5.9 | EPSS 0.0054
Exploits: 1

Huntr
added 2026/01/07 5:21 a.m., 25 views

Arbitrary Code Execution via Unsafe torch.load() in Trainer Checkpoint Loading

Summary: A critical arbitrary code execution vulnerability exists in HuggingFace Transformers' Trainer class. The _load_rng_state method at src/transformers/trainer.py:3059 calls torch.load without the weights_only=True parameter. While a safe_globals context manager wraps this call, it provides no...

CVSS 7.8 | AI score 6.6 | EPSS 0.00349
Exploits: 1

Huntr
added 2026/01/06 2:55 p.m., 6 views

TFSMLayer bypasses `safe_mode=True`, allowing attacker-controlled code execution during model inference

Summary: TFSMLayer allows loading attacker-controlled TensorFlow SavedModels when deserializing a .keras model, even when safe_mode=True (the default). While TensorFlow does not execute SavedModel functions during load, the attacker-controlled graph is registered during deserialization and executes...

CVSS 8.8 | AI score 7.8 | EPSS 0.00328
Exploits: 0

Huntr
added 2025/12/31 2:25 p.m., 39 views

Command Injection through bash -c

This report is not public...

CVSS 9.6 | AI score 5.8 | EPSS 0.01328
Exploits: 2

Huntr
added 2025/12/30 10:50 a.m., 4 views

Unbounded Classification Output Sorting Leads to Remote Denial-of-Service in Triton Inference Server

This report is not public...

AI score 5.3
Exploits: 0

Huntr
added 2025/12/29 5:53 p.m., 6 views

Unauthenticated File Upload in LollMS

Executive Summary A critical security vulnerability has been identified in LollMS that allows unauthenticated users to upload and process files through the /api/files/extract-text endpoint. This endpoint lacks authentication requirements, contradicting the application's documented "Secure...

CVSS 9.8 | AI score 5.8 | EPSS 0.0043
Exploits: 1

Huntr
added 2025/12/29 5:51 p.m., 5 views

Server-Side Request Forgery (SSRF) in LollMS Export Content

Executive Summary A security vulnerability has been identified in LollMS that allows Server-Side Request Forgery SSRF attacks through the /api/files/export-content endpoint. The downloadimagetotemp function downloads images from arbitrary user-controlled URLs without validation, allowing attacker...

CVSS 7.5 | AI score 6 | EPSS 0.01765
Exploits: 1

Huntr
added 2025/12/29 5:49 p.m., 6 views

Insecure Direct Object Reference (IDOR) in LollMS Friend Request Response

Executive Summary A critical security vulnerability has been identified in LollMS that allows any authenticated user to accept or reject friend requests belonging to other users. The respondrequest function lacks authorization checks, enabling Insecure Direct Object Reference IDOR attacks. Affect...

CVSS 8.3 | AI score 5.8 | EPSS 0.00268
Exploits: 1

Huntr
added 2025/12/29 5:46 p.m., 7 views

Content-Type Spoofing in LollMS Image Upload

Executive Summary A security vulnerability has been identified in LollMS that allows authenticated users to bypass file type validation by spoofing the Content-Type header. The /api/upload/chatimage endpoint only validates the HTTP header, not the actual file content, allowing malicious files to ...

AI score 6
Exploits: 0

Huntr
added 2025/12/27 5:2 p.m., 26 views

Job API exposed without authorization

This report is not public...

CVSS 9.8 | AI score 5.9 | EPSS 0.04392
Exploits: 1

Huntr
added 2025/12/27 4:17 p.m., 10 views

Tracing + Assessments Access

This report is not public...

CVSS 8.1 | AI score 7.1 | EPSS 0.00331
Exploits: 1

Huntr
added 2025/12/26 3:34 p.m., 5 views

Airflow externalLogUrl Permission Bypass

1. Summary: The externalLogUrl endpoint in Airflow’s FastAPI enforces only the weaker Task Instance access permission (TASK_INSTANCE) instead of the intended Task Logs permission (TASK_LOGS). As a result, low-privileged users who are not authorized to view task logs can still obtain external log access...

AI score 6.1
Exploits: 0

Huntr
added 2025/12/23 7:16 a.m., 16 views

Command Injection via Malicious Model Artifacts

A command injection vulnerability exists in MLflow's model serving container initialization code. When deploying a model with env_manager=LOCAL, MLflow reads dependency specifications from the model artifact's python_env.yaml file and directly interpolates them into a shell command without...

CVSS 10 | AI score 6.3 | EPSS 0.01994
Exploits: 1

Huntr
added 2025/12/23 1:15 a.m., 11 views

MLflow Tarfile Path traversal in mlflow/mlflow

Description Vulnerability Report: Unsafe Tar Extraction Path Traversal Due to the lack of path traversal verification in the tar decompression part, it may lead to the possibility of overwriting any file or gaining elevated privileges. This is a non-expected vulnerability. Location File:...

CVSS 10 | AI score 7.2 | EPSS 0.00587
Exploits: 1

Huntr
added 2025/12/20 9:56 p.m., 6 views

Apache Arrow IPC cached prebuffer path triggers signed integer overflow UB in read-range coalescing

Description Apache Arrow C++ commit d89c14b5d5203bc403fb62060fdf1ef2c0a49339 contains a signed integer overflow undefined behavior in the IO range coalescing logic, specifically in arrow/cpp/src/arrow/io/interfaces.cc:475 arrow::io::internal::CoalesceReadRanges. The overflow is reachable from...

AI score 6
Exploits: 0

Huntr
added 2025/12/14 3:18 a.m., 5 views

Unsafe Pickle Deserialization in apache-airflow-providers-http leading to RCE via HttpOperator

A High severity Unsafe Deserialization vulnerability exists in the airflow.providers.http package. The HttpOperator uses pickle.loads to deserialize untrusted data received from the Triggerer service via the database in the execute_complete method. This allows an attacker who has gained write acce...

AI score 6.4
Exploits: 0

Huntr
added 2025/12/11 10:6 p.m., 10 views

Arbitrary file write via tar traversal

Summary: A crafted tar.gz passed to MLflow pyfunc extraction is unpacked with tarfile.extractall without path validation. Archive entries containing .. or absolute paths can escape the destination directory and write arbitrary files on the host. This is reachable when users supply prebuilt_env_uri o...

CVSS 9.1 | AI score 7.5 | EPSS 0.00852
Exploits: 1

Huntr
added 2025/12/09 7:18 p.m., 9 views

Arbitrary File Read via Absolute Path Input in nltk.util.filestring() enabling Local & Remote File Disclosure

This report is not public...

CVSS 8.6 | AI score 5.8 | EPSS 0.00428
Exploits: 1

Huntr
added 2025/12/08 9:27 a.m., 8 views

MLflow SageMaker Command Injection Vulnerability

Description: The vulnerability exists in /mlflow/sagemaker/__init__.py at lines 161-167, where user-supplied container image names are directly interpolated into shell commands without proper sanitization before being passed to os.system. Vulnerable Code Path: CLI Input --container parameter ↓...

CVSS 8.8 | AI score 7.5 | EPSS 0.01456
Exploits: 1

Huntr
added 2025/12/05 8:47 p.m., 16 views

Arbitrary Code Execution in NLTK StanfordSegmenter via untrusted JAR loading

This report is not public...

CVSS 10 | AI score 5.9 | EPSS 0.00777
Exploits: 3

Huntr
added 2025/12/04 6:25 p.m., 20 views

NLTK – Multiple CorpusReader classes allow Arbitrary File Read via Path Traversal

This report is not public...

CVSS 8.6 | AI score 5.9 | EPSS 0.00924
Exploits: 3

Huntr
added 2025/12/04 4:26 p.m., 5 views

Arbitrary File Read via FileSystemPathPointer + PlaintextCorpusReader (bypass even if nltk.data.find() is patched)

This report is not public...

AI score 5.3
Exploits: 0

Huntr
added 2025/12/04 3:39 p.m., 7 views

Command Injection in example_xcom.py via XCom race condition

This report is not public...

AI score 5.8
Exploits: 0

Huntr
added 2025/11/13 5:44 p.m., 16 views

Zip Slip Vulnerability in NLTK Downloader Leading to Remote Code Execution

This report is not public...

CVSS 10 | AI score 5.5 | EPSS 0.0079
Exploits: 1

Huntr
added 2025/11/11 9:51 a.m., 10 views

Unlimited-memory decompression leads to DoS bypassing `--http-max-input-size`

This report is not public...

AI score 5.4
Exploits: 0

Huntr
added 2025/11/09 10:42 p.m., 4 views

Persistent Temp-File incomplete cleanup / resource exhaustion in `transformers` Serve

Description: The transformers OpenAI-compatible server leaks every base64 image it decodes to disk. Because the temporary files are never cleaned up, an attacker can exhaust disk space by repeatedly calling /v1/chat/completions with base64 image_url entries. Vulnerable Code In...

AI score 5.8
Exploits: 0

Huntr
added 2025/11/03 5:47 a.m., 3 views

Remote code execution via transformers_utils/get_config

This report is not public...

AI score 5.8
Exploits: 0

Huntr
added 2025/10/19 4:53 a.m., 5 views

Path traversal vulnerability via `FileSystemPathPointer.join()` method allows unauthorized file access

Description A critical path traversal vulnerability exists in the FileSystemPathPointer.join method within the nltk library. The vulnerability allows attackers to bypass directory restrictions and access files outside the intended directory structure by using path traversal sequences such as ../ ...

AI score 5.5
Exploits: 0

Huntr
added 2025/10/07 8:15 a.m., 8 views

MLFlow server is exposed to data exfiltration and destruction due to lack of Origin validation

The MLFlow REST server is vulnerable to DNS rebinding attacks, allowing malicious websites to bypass Same-Origin Policy protections and execute unauthorized calls against REST endpoints. Once rebinding is successful, the attacker can: Query for experiments via the 2.0/mlflow/experiments/search...

CVSS 8.1 | AI score 6 | EPSS 0.00193
Exploits: 1

Huntr
added 2025/10/03 6:25 p.m., 10 views

text-generation-inference: Unbounded external image fetch in validation leads to resource-exhaustion DoS

Description Text Generation Inference Router DoS via pre-validation image fetch in VLM mode. Affected: Router workspace version 3.3.6 the latest repo, when deployed with a vision/VLM model e.g., Idefics/Mllama/Idefics2/Idefics3/Gemma3/Llama4/Paligemma/LlavaNext/Qwen2VL/Qwen25VL. Pure text LLMs do...

CVSS 7.5 | AI score 7.2 | EPSS 0.22494
Exploits: 0

Huntr
added 2025/10/02 4:18 a.m., 7 views

Integer Overflow lead to DOS in API `v2/models/<model-name>/infer`

This report is not public...

AI score 6.9
Exploits: 0

Huntr
added 2025/09/26 7:3 a.m., 7 views

Arbitrary code execution during YAML config parsing in Kubernetes materializer

Summary: The Kubernetes materializer entry point feast/sdk/python/feast/infra/compute_engines/kubernetes/main.py deserializes /var/feast/feature_store.yaml and /var/feast/materialization_config.yaml using yaml.load(..., Loader=yaml.Loader). Because yaml.Loader eagerly instantiates arbitrary Python...

CVSS 7.8 | AI score 6.8 | EPSS 0.00264
Exploits: 0

Huntr
added 2025/09/05 3:17 a.m., 6 views

Integer Overflow → Heap Buffer Overflow in BYTES-Tensor Parsing (DoS)

This report is not public...

AI score 6.9
Exploits: 0

Huntr
added 2025/08/30 2:5 p.m., 9 views

Path Traversal vulnerability in keras using tar extract

Technical Details of the Vulnerability. Summary: Keras's keras.utils.get_file function is vulnerable to directory traversal attacks despite implementing filter_safe_paths. The vulnerability exists because extract_archive uses Python's tarfile.extractall method without the security-critical filter="data...

CVSS 8 | AI score 7.2 | EPSS 0.00592
Exploits: 0

Huntr
added 2025/08/27 12:0 a.m., 10 views

Account takeover due to missing oauth audience verification in google sign in

Description The web application integrates Google OAuth for user authentication. Upon successful Google sign-in and user consent, the application receives a token from Google. This token is used by the web application to fetch user profile information such as email and name and complete the login...

CVSS 9.3 | AI score 6 | EPSS 0.00417
Exploits: 2

Huntr
added 2025/08/21 9:10 p.m., 4 views

Authorization Bypass in MLflow Basic Auth (unprotected Flask/GraphQL routes)

This report is not public...

AI score 6.9
Exploits: 0

Huntr
added 2025/08/01 11:42 p.m., 8 views

Denial of Service via Unbounded parameter values

Description The /api/memories endpoint in the LibreChat application is found to be accepting arbitrarily large values for the key and value parameters. These inputs are not being properly validated or restricted in terms of maximum allowed character length. When an input containing more than 100...

CVSS 7.5 | AI score 6.1 | EPSS 0.00313
Exploits: 1

Huntr
added 2025/08/01 7:59 p.m., 5 views

Insecure API Design: Able to Disable 2-Factor Authentication Without OTP or Backup Code

Description There is a minor issue in the 2-Factor Authentication 2FA flow. when a user tries to disable 2FA from the dashboard, the system should ask for a valid OTP or backup code and verify it through the following API: POST /api/auth/2fa/verify HTTP/1.1 Host: 127.0.0.1:3080 User-Agent:...

CVSS 8.8 | AI score 6.1 | EPSS 0.00419
Exploits: 1

Huntr
added 2025/07/24 1:53 p.m., 6 views

Possible HTML Injection in Accept-Language header

This report is not public...

CVSS 5.4 | AI score 5.4 | EPSS 0.00423
Exploits: 1

Huntr
added 2025/07/21 5:38 a.m., 5 views

SQLite Operator-Based SQL Injection Vulnerability in LangGraph

This report is not public...

CVSS 7.3 | AI score 6.9 | EPSS 0.00162
Exploits: 0

Huntr
added 2025/07/18 2:40 p.m., 6 views

User Enumeration via "Account not found" Message

This report is not public...

CVSS 5.3 | AI score 6.9 | EPSS 0.00722
Exploits: 1

Huntr
added 2025/07/16 9:46 p.m., 10 views

XPath Injection in search_item_ctrl_f Function - Hugging Face Smolagents v1.20.0

The search_item_ctrl_f function in the Hugging Face Smolagents library is vulnerable to XPath injection. The function simply concatenates user input into an XPath query without sanitizing or escaping the input. Vulnerable Code Location: File: src/smolagents-1.20.0/smolagents/vision_web_browser.py...

CVSS 5.4 | AI score 6 | EPSS 0.00252
Exploits: 2

Total number of security vulnerabilities: 4072