Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-44843 |
|
Unsafe Deserialization in langchain-core (CVE-2026-44843)
vulnerability in langchain-core (CVE-2026-44843). Confidential information can be exposed externally. Exploitable via ``RunnableWithMessageHistory``. Mitigation: upgrade to `0.3.85` or later.
|
| CVE-2026-42271 KEV |
|
[KEV] Command Injection in Berriai litellm (CVE-2026-42271)
command injection in Berriai litellm (CVE-2026-42271). Successful exploitation can lead to full system takeover. Exploitable via `POST /mcp-rest/test/connection`. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.83.7` or later.
|
| CVE-2026-42203 |
|
Vulnerability in litellm (CVE-2026-42203)
vulnerability in litellm (CVE-2026-42203). Successful exploitation can lead to full system takeover. Exploitable via `POST /prompts/test`. Mitigation: upgrade to `1.83.7` or later.
|
| CVE-2026-42208 KEV |
|
[KEV] SQL Injection in Berriai litellm (CVE-2026-42208)
SQL injection in Berriai litellm (CVE-2026-42208). Successful exploitation can lead to full system takeover. Exploitable via `POST /chat/completions`. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `>=1.83.7` or later.
|
| CVE-2026-44513 |
|
Code Injection in diffusers (CVE-2026-44513)
code injection in diffusers (CVE-2026-44513). Successful exploitation can lead to full system takeover. Exploitable via ``trust_remote_code``. Mitigation: upgrade to `0.38.0` or later.
|
| CVE-2026-44827 |
|
Code Injection in diffusers (CVE-2026-44827)
code injection in diffusers (CVE-2026-44827). Successful exploitation can lead to full system takeover. Exploitable via ``DiffusionPipeline.from_pretrained``. Mitigation: upgrade to `0.38.0` or later.
|
| CVE-2026-44223 |
|
Vulnerability in vllm (CVE-2026-44223)
vulnerability in vllm (CVE-2026-44223). Risk of unauthorized operations or information disclosure. Exploitable via ``extract_hidden_states``. Mitigation: upgrade to `0.20.0` or later.
|
| CVE-2026-7482 |
|
Out-of-Bounds Read in github.com/ollama/ollama (CVE-2026-7482)
vulnerability in github.com/ollama/ollama (CVE-2026-7482). Confidential information can be exposed externally. Mitigation: upgrade to `0.17.1` or later.
|
| CVE-2026-42249 |
|
Path Traversal in path-traversal (CVE-2026-42249)
path traversal in path-traversal (CVE-2026-42249). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42248 |
|
Vulnerability in ollama (CVE-2026-42248)
vulnerability in ollama (CVE-2026-42248). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41481 |
|
SSRF (Server-Side Request Forgery) in langchain-text-splitters (CVE-2026-41481)
SSRF in langchain-text-splitters (CVE-2026-41481). Confidential information can be exposed externally. Exploitable via ``Document``. Mitigation: upgrade to `1.1.2` or later.
|
| CVE-2026-40190 |
|
Vulnerability in langchain (CVE-2026-40190)
vulnerability in langchain (CVE-2026-40190). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.5.18` or later.
|
| CVE-2026-35030 |
|
Authentication Bypass in litellm (CVE-2026-35030)
authentication bypass in litellm (CVE-2026-35030). Confidential information can be exposed externally. Mitigation: upgrade to `1.83.0` or later.
|
| CVE-2026-35029 |
|
Authorization Flaw in litellm (CVE-2026-35029)
vulnerability in litellm (CVE-2026-35029). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.83.0` or later.
|
| CVE-2026-34756 |
|
Vulnerability in dos (CVE-2026-34756)
vulnerability in dos (CVE-2026-34756). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.19.0` or later.
|
| CVE-2026-34755 |
|
Vulnerability in vllm (CVE-2026-34755)
vulnerability in vllm (CVE-2026-34755). Risk of unauthorized operations or information disclosure. Exploitable via `POST /v1/chat/completions`. Mitigation: upgrade to `0.19.0` or later.
|
| CVE-2026-0545 |
|
Vulnerability in dos (CVE-2026-0545)
vulnerability in dos (CVE-2026-0545). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34760 |
|
Vulnerability in vllm (CVE-2026-34760)
vulnerability in vllm (CVE-2026-34760). Data can be tampered with by attackers.
|
| CVE-2026-34070 |
|
Path Traversal in path-traversal (CVE-2026-34070)
path traversal in path-traversal (CVE-2026-34070). Confidential information can be exposed externally.
|
| CVE-2025-15379 |
|
Command Injection in lfprojects (CVE-2025-15379)
command injection in lfprojects (CVE-2025-15379). Successful exploitation can lead to full system takeover. Exploitable via ``python_env.yaml``.
|
| CVE-2025-15036 |
|
Vulnerability in path-traversal (CVE-2025-15036)
vulnerability in path-traversal (CVE-2025-15036). Successful exploitation can lead to full system takeover. Exploitable via ``extract_archive_to_dir``.
|
| CVE-2025-15381 |
|
Information Disclosure in lfprojects (CVE-2025-15381)
vulnerability in lfprojects (CVE-2025-15381). Data can be tampered with by attackers. Exploitable via ``NO_PERMISSIONS``.
|
| CVE-2026-27893 |
|
Vulnerability in vllm (CVE-2026-27893)
vulnerability in vllm (CVE-2026-27893). Successful exploitation can lead to full system takeover.
|
| CVE-2025-15031 |
|
Path Traversal in lfprojects (CVE-2025-15031)
path traversal in lfprojects (CVE-2025-15031). Confidential information can be exposed externally. Exploitable via ``tarfile.extractall``.
|
| CVE-2025-14287 |
|
Code Injection in lfprojects (CVE-2025-14287)
code injection in lfprojects (CVE-2025-14287). Successful exploitation can lead to full system takeover.
|
| CVE-2026-25960 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-25960)
SSRF in ssrf (CVE-2026-25960). Confidential information can be exposed externally.
|
| CVE-2026-22778 |
|
Vulnerability in vllm (CVE-2026-22778)
vulnerability in vllm (CVE-2026-22778). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.14.1` or later.
|
| CVE-2026-24779 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-24779)
SSRF in ssrf (CVE-2026-24779). Confidential information can be exposed externally. Exploitable via ``MediaConnector``.
|
| CVE-2026-24747 |
|
Code Injection in linuxfoundation (CVE-2026-24747)
code injection in linuxfoundation (CVE-2026-24747). Successful exploitation can lead to full system takeover. Exploitable via ``weights_only``.
|
| CVE-2026-22807 |
|
Code Injection in vllm (CVE-2026-22807)
code injection in vllm (CVE-2026-22807). Successful exploitation can lead to full system takeover. Exploitable via ``auto_map``.
|
| CVE-2025-15514 |
|
Vulnerability in dos (CVE-2025-15514)
vulnerability in dos (CVE-2025-15514). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-63396 |
|
Vulnerability in pytorch (CVE-2025-63396)
vulnerability in pytorch (CVE-2025-63396). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.5.1, 2.8.0` or later.
|
| CVE-2023-36095 |
|
Code Injection in langchain (CVE-2023-36095)
code injection in langchain (CVE-2023-36095). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.0.236` or later.
|