Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

parisneo — Vulnerabilities & Security Advisories 82

Browse all 82 CVE security advisories affecting parisneo. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by parisneo:parisneo/lollms-webuiparisneo/lollmslollms-webui
CVE IDTitleCVSSSeverityPublished
CVE-2026-1116 Cross-site Scripting (XSS) in parisneo/lollms — parisneo/lollmsCWE-79 5.4AIMediumAI2026-04-12
CVE-2026-1115 Stored XSS in parisneo/lollms — parisneo/lollmsCWE-79 6.1AIMediumAI2026-04-10
CVE-2026-1163 Insufficient Session Expiration in parisneo/lollms — parisneo/lollmsCWE-613 9.1AICriticalAI2026-04-08
CVE-2026-1114 Improper Access Control via Weak JWT Token in parisneo/lollms — parisneo/lollmsCWE-284 9.8AICriticalAI2026-04-07
CVE-2026-0558 Unauthenticated File Upload in parisneo/lollms — parisneo/lollmsCWE-287 9.8 -2026-03-29
CVE-2026-0560 Server-Side Request Forgery (SSRF) in parisneo/lollms — parisneo/lollmsCWE-918 9.8 -2026-03-29
CVE-2026-0562 Insecure Direct Object Reference (IDOR) in parisneo/lollms — parisneo/lollmsCWE-863 6.5 -2026-03-29
CVE-2026-33340 LoLLMs WEBUI has unauthenticated Server-Side Request Forgery (SSRF) in /api/proxy endpoint — lollms-webuiCWE-306 9.1 Critical2026-03-24
CVE-2024-2356 Remote Code Execution due to LFI in '/reinstall_extension' in parisneo/lollms-webui — parisneo/lollms-webuiCWE-29 9.8AICriticalAI2026-02-02
CVE-2026-1117 Improper Access Control in parisneo/lollms — parisneo/lollmsCWE-284 8.1AIHighAI2026-02-02
CVE-2025-6386 Timing Attack Vulnerability in parisneo/lollms — parisneo/lollmsCWE-203 5.9AIMediumAI2025-07-07
CVE-2024-12766 SSRF in parisneo/lollms-webui — parisneo/lollms-webuiCWE-918 9.8 -2025-03-20
CVE-2024-8736 Denial of Service (DoS) via Multipart Boundary in parisneo/lollms-webui — parisneo/lollms-webuiCWE-352 6.5 -2025-03-20
CVE-2024-8898 Path Traversal in parisneo/lollms-webui — parisneo/lollms-webuiCWE-22 9.1 -2025-03-20
CVE-2025-1451 Insufficient Patch Leading to DoS in parisneo/lollms-webui — parisneo/lollms-webuiCWE-770 7.5 -2025-03-20
CVE-2024-6986 Cross-site Scripting (XSS) in parisneo/lollms-webui — parisneo/lollms-webuiCWE-79 5.4 -2025-03-20
CVE-2024-6982 Remote Code Execution in Calculate Function in parisneo/lollms — parisneo/lollmsCWE-94 9.8 -2025-03-20
CVE-2024-10019 Path Traversal and OS Command Injection in parisneo/lollms-webui — parisneo/lollms-webuiCWE-78 9.8 -2025-03-20
CVE-2024-9920 Unrestricted File Upload and Execution in parisneo/lollms-webui — parisneo/lollms-webuiCWE-434 9.8 -2025-03-20
CVE-2024-9919 Missing Authentication Check in parisneo/lollms-webui — parisneo/lollms-webuiCWE-306 7.5 -2025-03-20
CVE-2024-7058 Relative Path Traversal in parisneo/lollms-webui — parisneo/lollmsCWE-23 6.5 -2025-03-20
CVE-2024-10047 Directory Listing Vulnerability in parisneo/lollms-webui — parisneo/lollms-webuiCWE-36 5.3 -2025-03-20
CVE-2024-9597 Path Traversal in parisneo/lollms — parisneo/lollmsCWE-22 9.1 -2025-03-20
CVE-2024-8581 Path Traversal in parisneo/lollms-webui — parisneo/lollms-webuiCWE-22 7.5 -2025-03-20
CVE-2024-11302 Missing check_access in lollms_binding_infos in parisneo/lollms — parisneo/lollmsCWE-304 9.1 -2025-03-20
CVE-2024-5125 XSS and Open Redirect via SVG File Upload in parisneo/lollms-webui — parisneo/lollms-webuiCWE-79 6.1 -2024-11-14
CVE-2024-6673 CSRF Vulnerability in parisneo/lollms-webui — parisneo/lollms-webuiCWE-352 8.1AIHighAI2024-10-29
CVE-2024-6581 Remote Code Execution due to Stored XSS in parisneo/lollms — parisneo/lollmsCWE-79 8.2AIHighAI2024-10-29
CVE-2024-6674 Data Leak through CORS Misconfiguration in parisneo/lollms-webui — parisneo/lollms-webuiCWE-346 7.1AIHighAI2024-10-29
CVE-2024-6959 Denial of Service (DOS) in multipart boundary while uploading file in parisneo/lollms-webui — parisneo/lollms-webuiCWE-352 7.5 -2024-10-13

This page lists every published CVE security advisory associated with parisneo. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.