CVE-2025-3248: Previous Langflow Vulnerability Exploited for Flodrix Botnet
CVE-2025-3248 is a critical Langflow vulnerability (CVSS 9.8) that was exploited in June 2025 to distribute the Flodrix botnet malware, highlighting ongoing…
CVE-2025-3248 is a critical Langflow vulnerability (CVSS 9.8) that was exploited in June 2025 to distribute the Flodrix botnet malware, highlighting ongoing…
CVE-2026-33017 is an unauthenticated remote code execution vulnerability in Langflow with a CVSS score of 9.3. It allows threat actors to execute…
CVE-2026-49777 is a critical vulnerability in the Product Slider Pro for WooCommerce plugin from ShapedPlugin, with a CVSS score of 10.0. It…
n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, an authenticated user with permission to create or…
n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, an authenticated user with permission to create or…
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.84.0, This vulnerability is…
A vulnerability in SP Page Builder for Joomla allows unauthenticated users to upload arbitrary files, ultimately resulting in the upload and execution…
A vulnerability in the iCagenda extension for Joomla allows the upload of arbitrary files in the file attachment feature, ultimately resulting in…
There is an untrusted pointer dereference vulnerability in the NI grpc-device sideband streaming API that may allow an attacker to cause an…
In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 authentication bypass via direct database access leading to administrative access was possible