Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

parisneo/lollms — Vulnerabilities & Security Advisories 28

All 28 CVE vulnerabilities found in parisneo/lollms, with AI-generated Chinese analysis, references, and POCs.

Vendor: parisneo

CVE IDTitleCVSSSeverityPublished
CVE-2026-1116 Cross-site Scripting (XSS) in parisneo/lollms CWE-79 5.4AIMediumAI2026-04-12
CVE-2026-1115 Stored XSS in parisneo/lollms CWE-79 6.1AIMediumAI2026-04-10
CVE-2026-1163 Insufficient Session Expiration in parisneo/lollms CWE-613 9.1AICriticalAI2026-04-08
CVE-2026-1114 Improper Access Control via Weak JWT Token in parisneo/lollms CWE-284 9.8AICriticalAI2026-04-07
CVE-2026-0558 Unauthenticated File Upload in parisneo/lollms CWE-287 9.8 -2026-03-29
CVE-2026-0560 Server-Side Request Forgery (SSRF) in parisneo/lollms CWE-918 9.8 -2026-03-29
CVE-2026-0562 Insecure Direct Object Reference (IDOR) in parisneo/lollms CWE-863 6.5 -2026-03-29
CVE-2026-1117 Improper Access Control in parisneo/lollms CWE-284 8.1AIHighAI2026-02-02
CVE-2025-6386 Timing Attack Vulnerability in parisneo/lollms CWE-203 5.9AIMediumAI2025-07-07
CVE-2024-6982 Remote Code Execution in Calculate Function in parisneo/lollms CWE-94 9.8 -2025-03-20
CVE-2024-7058 Relative Path Traversal in parisneo/lollms-webui CWE-23 6.5 -2025-03-20
CVE-2024-9597 Path Traversal in parisneo/lollms CWE-22 9.1 -2025-03-20
CVE-2024-11302 Missing check_access in lollms_binding_infos in parisneo/lollms CWE-304 9.1 -2025-03-20
CVE-2024-6581 Remote Code Execution due to Stored XSS in parisneo/lollms CWE-79 8.2AIHighAI2024-10-29
CVE-2024-6985 Path Traversal in api open_personality_folder in parisneo/lollms-webui CWE-23 7.5AIHighAI2024-10-11
CVE-2024-6971 Path Traversal in parisneo/lollms-webui CWE-22 8.4AIHighAI2024-10-11
CVE-2024-6040 Missing client_id in parisneo/lollms-webui CWE-352 8.8AIHighAI2024-08-01
CVE-2024-6281 Path Traversal in parisneo/lollms CWE-22 7.5 -2024-07-20
CVE-2024-6139 Path Traversal in parisneo/lollms CWE-29 5.3AIMediumAI2024-06-27
CVE-2024-5824 Path Traversal in parisneo/lollms CWE-22 9.8AICriticalAI2024-06-27
CVE-2024-6085 Path Traversal in parisneo/lollms CWE-22 9.1AICriticalAI2024-06-27
CVE-2024-4499 CSRF Vulnerability in parisneo/lollms XTTS Server CWE-352 8.1AIHighAI2024-06-24
CVE-2024-3121 Remote Code Execution in create_conda_env function in parisneo/lollms CWE-94 9.8 -2024-06-24
CVE-2024-5443 Remote Code Execution via Path Traversal in parisneo/lollms CWE-29 9.1 -2024-06-22
CVE-2024-4315 LFI Vulnerability due to Lack of Path Sanitization in parisneo/lollms CWE-22 9.8AICriticalAI2024-06-12
CVE-2024-3429 Path Traversal in parisneo/lollms CWE-29 9.1AICriticalAI2024-06-06
CVE-2024-4881 Path Traversal in parisneo/lollms CWE-36 9.1AICriticalAI2024-06-06
CVE-2024-4078 Arbitrary Code Execution in parisneo/lollms CWE-77 9.8AICriticalAI2024-05-16

All 28 known CVE vulnerabilities affecting parisneo/lollms with full Chinese analysis, references, and POCs where available.