Data Leakage
37 entries
Every Data Leakage entry VulnWatch has indexed, sorted by publication date.
npm PraisonAI AgentOS exposes unauthenticated agent listing and invocation
## Summary The published npm package `praisonai` ships a TypeScript `AgentOS` HTTP server that defaults to `host: "0.0.0.0"` and registers sensitive agent routes without any authentication or authori...
vLLM: GGUF dequantize kernel int truncation exposes uninitialized GPU memory in multi-tenant serving
## Summary Integer truncation of tensor dimensions in vLLM's GGUF dequantize kernels (`csrc/quantization/gguf/gguf_kernel.cu`) causes partial tensor processing. The output tensor is allocated at full...
Duplicate Advisory: MCP Streamable HTTP redirects could forward configured custom headers to another origin
## Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-rjxq-qqhf-8hwh. This link is maintained to preserve external references. ## Original Description OpenClaw befo...
CVE-2026-53840: OpenClaw before 2026.5.12 contains an information disclosure vulnerability in streamable-http MCP servers that forwards
OpenClaw before 2026.5.12 contains an information disclosure vulnerability in streamable-http MCP servers that forwards operator-configured custom headers during cross-origin redirects. Attackers cont...
CVE-2026-52722: A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor d
A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer payload-size arithmetic, bypassing a lengt...
In Other News: Anthropic Maps AI Threats, Unpatched Comodo Flaw, Palantir Chief Eyed for CISA
Other noteworthy stories that might have slipped under the radar: Ultrahuman data leak, The Gentlemen ransomware analysis, Hola Browser bundles miner. The post In Other News: Anthropic Maps AI Threats...
PraisonAI's unauthenticated A2A official example can reach real LLM-driven `eval()` tool execution
## Summary The first-party PraisonAI A2A server example combines three behaviors into a remotely exploitable Critical chain: 1. The example exposes an A2A server without configuring `auth_token`. 2....
CVE-2026-24213: NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker could cause an out-of-boun
NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution...
CVE-2026-24207: NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A succes
NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead to code execution, escalation of p...
CVE-2026-24206: NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A succes
NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead to escalation of privileges, denia...
CVE-2026-24163: NVIDIA TRT-LLM for any platform contains a vulnerability in RPC testing, where an attacker could cause an unsafe deseri
NVIDIA TRT-LLM for any platform contains a vulnerability in RPC testing, where an attacker could cause an unsafe deserialization. A successful exploit of this vulnerability might lead to code executi...
CVE-2026-24142: NVIDIA TRT-LLM for any platform contains a deserialization vulnerability and unsafe serialized handle. A successful ex
NVIDIA TRT-LLM for any platform contains a deserialization vulnerability and unsafe serialized handle. A successful exploit of this vulnerability might lead to code execution, data tampering, and in...
CVE-2025-33255: NVIDIA TRT-LLM for any platform contains a vulnerability in MPI server, where an attacker could cause an unsafe deserial
NVIDIA TRT-LLM for any platform contains a vulnerability in MPI server, where an attacker could cause an unsafe deserialization. A successful exploit of this vulnerability might lead to code execution...
Coder: Unauthenticated SSRF via Azure Instance Identity Endpoint
## Summary Unauthenticated semi-blind Server-Side Request Forgery (SSRF) via the Azure instance identity endpoint (`POST /api/v2/workspaceagents/azure-instance-identity`). An external attacker can fo...
Open WebUI Vulnerable to Unauthenticated RAG Configuration Disclosure
**Vulnerability Type:** Information Disclosure / Missing Authentication **Severity:** Medium **Component:** `backend/open_webui/routers/retrieval.py` — `get_status()` (`GET /`) **Affected Endpoi...
wger Vulnerable to IDOR: Authenticated Users Can Read Any User's Private Workout Session Data via Template Routine API
### Summary Any authenticated user can read another user's private workout session notes, exercise history, and training statistics by calling the /logs/ and /stats/ actions on a routine they do not...
FlowiseAI Vulnerable to Credential Data Leak
**Severity**: HIGH (CVSS ~7.5) **Type**: CWE-200 (Exposure of Sensitive Information) **File**: `packages/server/src/services/credentials/index.ts:62-71` **Description**: When credentials are fetched...
Cline Kanban Server has a Cross-Origin WebSocket Hijacking Vulnerability
## Summary The `kanban` npm package (used by the `cline` CLI) starts a WebSocket server on `127.0.0.1:3484` with no Origin header validation. Any website a developer visits can silently connect to th...
BentoML has Information Disclosure in `bentoml build` via symlink traversal in the build context
### Summary BentoML's `bentoml build` packaging workflow follows attacker-controlled symlinks inside the build context and copies the referenced file contents into the generated Bento artifact. If a...
Craft CMS's Missing Authorization in GraphQL Address Resolver Allows Cross-Scope PII Disclosure
### Summary The GraphQL Address element resolver (src/gql/resolvers/elements/Address.php) performs no schema scope filtering on top-level queries. A GraphQL API token scoped to a single low-privilege...
Pelican Web UI Affected by a Privilege Escalation Attack
## Background On April 2nd, 2026, a Claude coding agent alerted Pelican PI Brian Bockelman to a privilege escalation vulnerability affecting Pelican's Web User Interface (WebUI) for various versions...
CVE-2026-7021: A weakness has been identified in SmythOS sre up to 0.0.15. This impacts an unknown function of the file packages/sdk/sr
A weakness has been identified in SmythOS sre up to 0.0.15. This impacts an unknown function of the file packages/sdk/src/LLM/utils.ts of the component Connector Service. This manipulation of the argu...
Flowise: Remote code execution vulnerability in AirtableAgent.ts caused by lack of input verification when using `Pandas`.
## Description ### Summary “AirtableAgent” is an agent function provided by FlowiseAI that retrieves search results by accessing private datasets from airtable.com. “AirtableAgent” uses Python, alon...
mlflow: FastAPI job endpoints under `/ajax-api/3.0/jobs/*` are not protected by authentication or authorization
In mlflow/mlflow, the FastAPI job endpoints under `/ajax-api/3.0/jobs/*` are not protected by authentication or authorization when the `basic-auth` app is enabled. This vulnerability affects the lates...
Glances Vulnerable to Cross-Origin System Information Disclosure via XML-RPC Server CORS Wildcard
### Summary The Glances XML-RPC server (activated with glances -s or glances --server) sends Access-Control-Allow-Origin: * on every HTTP response. Because the XML-RPC handler does not validate the C...