Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/lollms@2.0.23
Typepypi
Namespace
Namelollms
Version2.0.23
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-2gtz-u2kf-43ge
vulnerability_id VCID-2gtz-u2kf-43ge
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-3121
reference_id
reference_type
scores
0
value 0.0015
scoring_system epss
scoring_elements 0.35235
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-3121
1
reference_url https://github.com/ParisNeo/lollms
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ParisNeo/lollms
2
reference_url https://huntr.com/bounties/db57c343-9b80-4c1c-9ab0-9eef92c9b27b
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-06-26T19:04:19Z/
url https://huntr.com/bounties/db57c343-9b80-4c1c-9ab0-9eef92c9b27b
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-3121
reference_id CVE-2024-3121
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-3121
4
reference_url https://github.com/advisories/GHSA-79h8-gxhq-q3jg
reference_id GHSA-79h8-gxhq-q3jg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-79h8-gxhq-q3jg
fixed_packages
aliases CVE-2024-3121, GHSA-79h8-gxhq-q3jg
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2gtz-u2kf-43ge
1
url VCID-3fgd-j5hf-pbdy
vulnerability_id VCID-3fgd-j5hf-pbdy
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-4078
reference_id
reference_type
scores
0
value 0.09758
scoring_system epss
scoring_elements 0.93078
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-4078
1
reference_url https://github.com/parisneo/lollms
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/parisneo/lollms
2
reference_url https://github.com/parisneo/lollms/commit/7ebe08da7e0026b155af4f7be1d6417bc64cf02f
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-05-16T14:55:26Z/
url https://github.com/parisneo/lollms/commit/7ebe08da7e0026b155af4f7be1d6417bc64cf02f
3
reference_url https://huntr.com/bounties/a55a8c04-df44-49b2-bcfa-2a2b728a299d
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-05-16T14:55:26Z/
url https://huntr.com/bounties/a55a8c04-df44-49b2-bcfa-2a2b728a299d
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-4078
reference_id CVE-2024-4078
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-4078
5
reference_url https://github.com/advisories/GHSA-pwc9-q4hj-pg8g
reference_id GHSA-pwc9-q4hj-pg8g
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pwc9-q4hj-pg8g
fixed_packages
0
url pkg:pypi/lollms@9.5.0
purl pkg:pypi/lollms@9.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2gtz-u2kf-43ge
1
vulnerability VCID-5sdj-4ndc-jfgq
2
vulnerability VCID-65fc-fud4-ebaq
3
vulnerability VCID-6m54-wddf-xfft
4
vulnerability VCID-6wvh-ubmj-xkfh
5
vulnerability VCID-7ddt-bekx-8bgx
6
vulnerability VCID-8veb-tbs1-yugg
7
vulnerability VCID-dx4w-1n7h-4uce
8
vulnerability VCID-h2aa-cg34-4ygg
9
vulnerability VCID-ynq9-29u2-2uce
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/lollms@9.5.0
aliases CVE-2024-4078, GHSA-pwc9-q4hj-pg8g
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3fgd-j5hf-pbdy
2
url VCID-5sdj-4ndc-jfgq
vulnerability_id VCID-5sdj-4ndc-jfgq
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-6971
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.08301
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-6971
1
reference_url https://github.com/ParisNeo/lollms
reference_id
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L
1
value 1.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/ParisNeo/lollms
2
reference_url https://github.com/ParisNeo/lollms/commit/aeace796d861e922133b769710019608a6363264
reference_id
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L
1
value 1.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/ParisNeo/lollms/commit/aeace796d861e922133b769710019608a6363264
3
reference_url https://huntr.com/bounties/fbfe7cd0-99fb-4305-bd07-8b573364109e
reference_id
reference_type
scores
0
value 3.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L
1
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L
2
value 1.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
3
value LOW
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T14:31:13Z/
url https://huntr.com/bounties/fbfe7cd0-99fb-4305-bd07-8b573364109e
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-6971
reference_id CVE-2024-6971
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L
1
value 1.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-6971
5
reference_url https://github.com/advisories/GHSA-7pgr-32fx-c6x9
reference_id GHSA-7pgr-32fx-c6x9
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7pgr-32fx-c6x9
fixed_packages
aliases CVE-2024-6971, GHSA-7pgr-32fx-c6x9
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5sdj-4ndc-jfgq
3
url VCID-65fc-fud4-ebaq
vulnerability_id VCID-65fc-fud4-ebaq
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-6139
reference_id
reference_type
scores
0
value 0.00121
scoring_system epss
scoring_elements 0.30784
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-6139
1
reference_url https://github.com/ParisNeo/lollms
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ParisNeo/lollms
2
reference_url https://huntr.com/bounties/fd00f112-efd0-40a1-8227-d6733716e4c0
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-27T20:06:46Z/
url https://huntr.com/bounties/fd00f112-efd0-40a1-8227-d6733716e4c0
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-6139
reference_id CVE-2024-6139
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-6139
4
reference_url https://github.com/advisories/GHSA-w9qf-83jg-2x6c
reference_id GHSA-w9qf-83jg-2x6c
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w9qf-83jg-2x6c
fixed_packages
aliases CVE-2024-6139, GHSA-w9qf-83jg-2x6c
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-65fc-fud4-ebaq
4
url VCID-6m54-wddf-xfft
vulnerability_id VCID-6m54-wddf-xfft
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-6386
reference_id
reference_type
scores
0
value 0.0026
scoring_system epss
scoring_elements 0.49537
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-6386
1
reference_url https://github.com/ParisNeo/lollms
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ParisNeo/lollms
2
reference_url https://github.com/parisneo/lollms/commit/f78437f7b5aa39a78c6201912faf4e0645a38c48
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-07T14:22:38Z/
url https://github.com/parisneo/lollms/commit/f78437f7b5aa39a78c6201912faf4e0645a38c48
3
reference_url https://huntr.com/bounties/6da05485-d219-4f18-9ffc-991053524b67
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-07T14:22:38Z/
url https://huntr.com/bounties/6da05485-d219-4f18-9ffc-991053524b67
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-6386
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-6386
5
reference_url https://github.com/advisories/GHSA-j5pr-vrjj-9v4h
reference_id GHSA-j5pr-vrjj-9v4h
reference_type
scores
url https://github.com/advisories/GHSA-j5pr-vrjj-9v4h
fixed_packages
aliases CVE-2025-6386, GHSA-j5pr-vrjj-9v4h
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6m54-wddf-xfft
5
url VCID-6wvh-ubmj-xkfh
vulnerability_id VCID-6wvh-ubmj-xkfh
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-6982
reference_id
reference_type
scores
0
value 0.00123
scoring_system epss
scoring_elements 0.31151
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-6982
1
reference_url https://github.com/ParisNeo/lollms
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ParisNeo/lollms
2
reference_url https://github.com/parisneo/lollms/commit/30e7eaba2ccfb751a81e7cb29fdef2ae8ffa6832
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-20T17:49:52Z/
url https://github.com/parisneo/lollms/commit/30e7eaba2ccfb751a81e7cb29fdef2ae8ffa6832
3
reference_url https://huntr.com/bounties/4f8e73ac-aaaf-4d5c-a6dd-58215b5a7fea
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-20T17:49:52Z/
url https://huntr.com/bounties/4f8e73ac-aaaf-4d5c-a6dd-58215b5a7fea
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-6982
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-6982
5
reference_url https://github.com/advisories/GHSA-jccx-m9v4-9hwh
reference_id GHSA-jccx-m9v4-9hwh
reference_type
scores
url https://github.com/advisories/GHSA-jccx-m9v4-9hwh
fixed_packages
0
url pkg:pypi/lollms@11.0.0
purl pkg:pypi/lollms@11.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6m54-wddf-xfft
1
vulnerability VCID-njnx-s993-bfhx
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/lollms@11.0.0
aliases CVE-2024-6982, GHSA-jccx-m9v4-9hwh
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6wvh-ubmj-xkfh
6
url VCID-8veb-tbs1-yugg
vulnerability_id VCID-8veb-tbs1-yugg
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-6085
reference_id
reference_type
scores
0
value 0.00134
scoring_system epss
scoring_elements 0.33001
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-6085
1
reference_url https://github.com/ParisNeo/lollms
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ParisNeo/lollms
2
reference_url https://huntr.com/bounties/d2fb73d7-4b4f-451a-8763-484c189a27fe
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-05T14:03:35Z/
url https://huntr.com/bounties/d2fb73d7-4b4f-451a-8763-484c189a27fe
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-6085
reference_id CVE-2024-6085
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-6085
4
reference_url https://github.com/advisories/GHSA-9chm-m6x2-6fvc
reference_id GHSA-9chm-m6x2-6fvc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9chm-m6x2-6fvc
fixed_packages
aliases CVE-2024-6085, GHSA-9chm-m6x2-6fvc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8veb-tbs1-yugg
7
url VCID-dx4w-1n7h-4uce
vulnerability_id VCID-dx4w-1n7h-4uce
summary A vulnerability in the discussion image upload function of the Lollms application, version v9.9, allows for the uploading of SVG files. Due to incomplete filtering in the sanitize_svg function, this can lead to cross-site scripting (XSS) vulnerabilities, which in turn pose a risk of remote code execution. The sanitize_svg function only removes script elements and 'on*' event attributes, but does not account for other potential vectors for XSS within SVG files. This vulnerability can be exploited when authorized users access a malicious URL containing the crafted SVG file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-6581
reference_id
reference_type
scores
0
value 0.01646
scoring_system epss
scoring_elements 0.82289
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-6581
1
reference_url https://github.com/parisneo/lollms
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/parisneo/lollms
2
reference_url https://github.com/parisneo/lollms/commit/328b960a0de2097e13654ac752253e9541521ddd
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
2
value 9.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
3
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T13:17:31Z/
url https://github.com/parisneo/lollms/commit/328b960a0de2097e13654ac752253e9541521ddd
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/lollms/PYSEC-2024-116.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/lollms/PYSEC-2024-116.yaml
4
reference_url https://huntr.com/bounties/ad68ecd6-44e2-449b-8e7e-f2b71b1b43c7
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
2
value 9.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
3
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T13:17:31Z/
url https://huntr.com/bounties/ad68ecd6-44e2-449b-8e7e-f2b71b1b43c7
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-6581
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-6581
6
reference_url https://github.com/advisories/GHSA-cm59-8rmv-f2cj
reference_id GHSA-cm59-8rmv-f2cj
reference_type
scores
url https://github.com/advisories/GHSA-cm59-8rmv-f2cj
fixed_packages
aliases CVE-2024-6581, GHSA-cm59-8rmv-f2cj, PYSEC-2024-116
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dx4w-1n7h-4uce
8
url VCID-e3ss-pxxn-13ej
vulnerability_id VCID-e3ss-pxxn-13ej
summary A path traversal vulnerability exists in the parisneo/lollms application, affecting version 9.4.0 and potentially earlier versions, but fixed in version 5.9.0. The vulnerability arises due to improper validation of file paths between Windows and Linux environments, allowing attackers to traverse beyond the intended directory and read any file on the Windows system. Specifically, the application fails to adequately sanitize file paths containing backslashes (`\`), which can be exploited to access the root directory and read, or even delete, sensitive files. This issue was discovered in the context of the `/user_infos` endpoint, where a crafted request using backslashes to reference a file (e.g., `\windows\win.ini`) could result in unauthorized file access. The impact of this vulnerability includes the potential for attackers to access sensitive information such as environment variables, database files, and configuration files, which could lead to further compromise of the system.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-4881
reference_id
reference_type
scores
0
value 0.00212
scoring_system epss
scoring_elements 0.43733
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-4881
1
reference_url https://github.com/parisneo/lollms
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/parisneo/lollms
2
reference_url https://github.com/parisneo/lollms/commit/95ad36eeffc6a6be3e3f35ed35a384d768f0ecf6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
4
value HIGH
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-06T20:00:38Z/
url https://github.com/parisneo/lollms/commit/95ad36eeffc6a6be3e3f35ed35a384d768f0ecf6
3
reference_url https://huntr.com/bounties/94f7f901-80b0-4cf5-b545-ac5c1e7635e9
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
4
value HIGH
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-06T20:00:38Z/
url https://huntr.com/bounties/94f7f901-80b0-4cf5-b545-ac5c1e7635e9
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-4881
reference_id CVE-2024-4881
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 7.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-4881
5
reference_url https://github.com/advisories/GHSA-p8h7-c8gw-6x8c
reference_id GHSA-p8h7-c8gw-6x8c
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p8h7-c8gw-6x8c
fixed_packages
0
url pkg:pypi/lollms@5.9.0
purl pkg:pypi/lollms@5.9.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2gtz-u2kf-43ge
1
vulnerability VCID-3fgd-j5hf-pbdy
2
vulnerability VCID-5sdj-4ndc-jfgq
3
vulnerability VCID-65fc-fud4-ebaq
4
vulnerability VCID-6m54-wddf-xfft
5
vulnerability VCID-6wvh-ubmj-xkfh
6
vulnerability VCID-7ddt-bekx-8bgx
7
vulnerability VCID-8veb-tbs1-yugg
8
vulnerability VCID-dx4w-1n7h-4uce
9
vulnerability VCID-e3ss-pxxn-13ej
10
vulnerability VCID-gawg-qfyz-xbc1
11
vulnerability VCID-h2aa-cg34-4ygg
12
vulnerability VCID-j8bn-whb2-nkgz
13
vulnerability VCID-mbbx-pbwm-5ydh
14
vulnerability VCID-ynq9-29u2-2uce
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/lollms@5.9.0
1
url pkg:pypi/lollms@9.5.0
purl pkg:pypi/lollms@9.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2gtz-u2kf-43ge
1
vulnerability VCID-5sdj-4ndc-jfgq
2
vulnerability VCID-65fc-fud4-ebaq
3
vulnerability VCID-6m54-wddf-xfft
4
vulnerability VCID-6wvh-ubmj-xkfh
5
vulnerability VCID-7ddt-bekx-8bgx
6
vulnerability VCID-8veb-tbs1-yugg
7
vulnerability VCID-dx4w-1n7h-4uce
8
vulnerability VCID-h2aa-cg34-4ygg
9
vulnerability VCID-ynq9-29u2-2uce
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/lollms@9.5.0
aliases CVE-2024-4881, GHSA-p8h7-c8gw-6x8c, PYSEC-2024-108
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e3ss-pxxn-13ej
9
url VCID-gawg-qfyz-xbc1
vulnerability_id VCID-gawg-qfyz-xbc1
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-4315
reference_id
reference_type
scores
0
value 0.00899
scoring_system epss
scoring_elements 0.76001
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-4315
1
reference_url https://github.com/ParisNeo/lollms
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/ParisNeo/lollms
2
reference_url https://github.com/parisneo/lollms/commit/95ad36eeffc6a6be3e3f35ed35a384d768f0ecf6
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T14:27:21Z/
url https://github.com/parisneo/lollms/commit/95ad36eeffc6a6be3e3f35ed35a384d768f0ecf6
3
reference_url https://huntr.com/bounties/8a1b0197-2c36-4276-b92b-630a2a9bb09c
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T14:27:21Z/
url https://huntr.com/bounties/8a1b0197-2c36-4276-b92b-630a2a9bb09c
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-4315
reference_id CVE-2024-4315
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-4315
5
reference_url https://github.com/advisories/GHSA-vqwr-q6cc-c242
reference_id GHSA-vqwr-q6cc-c242
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vqwr-q6cc-c242
fixed_packages
0
url pkg:pypi/lollms@9.5.0
purl pkg:pypi/lollms@9.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2gtz-u2kf-43ge
1
vulnerability VCID-5sdj-4ndc-jfgq
2
vulnerability VCID-65fc-fud4-ebaq
3
vulnerability VCID-6m54-wddf-xfft
4
vulnerability VCID-6wvh-ubmj-xkfh
5
vulnerability VCID-7ddt-bekx-8bgx
6
vulnerability VCID-8veb-tbs1-yugg
7
vulnerability VCID-dx4w-1n7h-4uce
8
vulnerability VCID-h2aa-cg34-4ygg
9
vulnerability VCID-ynq9-29u2-2uce
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/lollms@9.5.0
aliases CVE-2024-4315, GHSA-vqwr-q6cc-c242
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gawg-qfyz-xbc1
10
url VCID-h2aa-cg34-4ygg
vulnerability_id VCID-h2aa-cg34-4ygg
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-6281
reference_id
reference_type
scores
0
value 0.0006
scoring_system epss
scoring_elements 0.19063
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-6281
1
reference_url https://github.com/parisneo/lollms
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value 7.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/parisneo/lollms
2
reference_url https://github.com/parisneo/lollms/commit/26a3ff35acf152b49e1087d5698ad4864c7b6092
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
2
value 7.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T15:08:15Z/
url https://github.com/parisneo/lollms/commit/26a3ff35acf152b49e1087d5698ad4864c7b6092
3
reference_url https://huntr.com/bounties/0a62f2fb-4e62-4128-9dc4-e8f1d959ac61
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
2
value 7.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T15:08:15Z/
url https://huntr.com/bounties/0a62f2fb-4e62-4128-9dc4-e8f1d959ac61
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-6281
reference_id CVE-2024-6281
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value 7.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-6281
5
reference_url https://github.com/advisories/GHSA-8mrm-r7h3-c3hj
reference_id GHSA-8mrm-r7h3-c3hj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8mrm-r7h3-c3hj
fixed_packages
0
url pkg:pypi/lollms@9.5.1
purl pkg:pypi/lollms@9.5.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2gtz-u2kf-43ge
1
vulnerability VCID-5sdj-4ndc-jfgq
2
vulnerability VCID-65fc-fud4-ebaq
3
vulnerability VCID-6m54-wddf-xfft
4
vulnerability VCID-6wvh-ubmj-xkfh
5
vulnerability VCID-8veb-tbs1-yugg
6
vulnerability VCID-dx4w-1n7h-4uce
7
vulnerability VCID-ynq9-29u2-2uce
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/lollms@9.5.1
aliases CVE-2024-6281, GHSA-8mrm-r7h3-c3hj
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h2aa-cg34-4ygg
11
url VCID-j8bn-whb2-nkgz
vulnerability_id VCID-j8bn-whb2-nkgz
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-3429
reference_id
reference_type
scores
0
value 0.00398
scoring_system epss
scoring_elements 0.60898
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-3429
1
reference_url https://github.com/parisneo/lollms
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/parisneo/lollms
2
reference_url https://github.com/parisneo/lollms/commit/f4424cfc3d6dfb3ad5ac17dd46801efe784933e9
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-10T18:17:14Z/
url https://github.com/parisneo/lollms/commit/f4424cfc3d6dfb3ad5ac17dd46801efe784933e9
3
reference_url https://huntr.com/bounties/fd8f50c8-17f0-40be-a2c6-bb8d80f7c409
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-10T18:17:14Z/
url https://huntr.com/bounties/fd8f50c8-17f0-40be-a2c6-bb8d80f7c409
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-3429
reference_id CVE-2024-3429
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-3429
5
reference_url https://github.com/advisories/GHSA-3x47-w4rx-6pm7
reference_id GHSA-3x47-w4rx-6pm7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3x47-w4rx-6pm7
fixed_packages
0
url pkg:pypi/lollms@9.5.0
purl pkg:pypi/lollms@9.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2gtz-u2kf-43ge
1
vulnerability VCID-5sdj-4ndc-jfgq
2
vulnerability VCID-65fc-fud4-ebaq
3
vulnerability VCID-6m54-wddf-xfft
4
vulnerability VCID-6wvh-ubmj-xkfh
5
vulnerability VCID-7ddt-bekx-8bgx
6
vulnerability VCID-8veb-tbs1-yugg
7
vulnerability VCID-dx4w-1n7h-4uce
8
vulnerability VCID-h2aa-cg34-4ygg
9
vulnerability VCID-ynq9-29u2-2uce
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/lollms@9.5.0
aliases CVE-2024-3429, GHSA-3x47-w4rx-6pm7
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j8bn-whb2-nkgz
12
url VCID-mbbx-pbwm-5ydh
vulnerability_id VCID-mbbx-pbwm-5ydh
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-5824
reference_id
reference_type
scores
0
value 0.01395
scoring_system epss
scoring_elements 0.80702
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-5824
1
reference_url https://github.com/parisneo/lollms
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/parisneo/lollms
2
reference_url https://github.com/parisneo/lollms/commit/eda3af5f5c4ea9b2f3569f72f8d05989e29367fc
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-06-28T15:07:58Z/
url https://github.com/parisneo/lollms/commit/eda3af5f5c4ea9b2f3569f72f8d05989e29367fc
3
reference_url https://huntr.com/bounties/9ceb7cf9-a7cd-4699-b3f8-d0999d2b49fd
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-06-28T15:07:58Z/
url https://huntr.com/bounties/9ceb7cf9-a7cd-4699-b3f8-d0999d2b49fd
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-5824
reference_id CVE-2024-5824
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-5824
5
reference_url https://github.com/advisories/GHSA-m45c-v46h-c788
reference_id GHSA-m45c-v46h-c788
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m45c-v46h-c788
fixed_packages
0
url pkg:pypi/lollms@9.5.0
purl pkg:pypi/lollms@9.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2gtz-u2kf-43ge
1
vulnerability VCID-5sdj-4ndc-jfgq
2
vulnerability VCID-65fc-fud4-ebaq
3
vulnerability VCID-6m54-wddf-xfft
4
vulnerability VCID-6wvh-ubmj-xkfh
5
vulnerability VCID-7ddt-bekx-8bgx
6
vulnerability VCID-8veb-tbs1-yugg
7
vulnerability VCID-dx4w-1n7h-4uce
8
vulnerability VCID-h2aa-cg34-4ygg
9
vulnerability VCID-ynq9-29u2-2uce
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/lollms@9.5.0
aliases CVE-2024-5824, GHSA-m45c-v46h-c788
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mbbx-pbwm-5ydh
13
url VCID-ynq9-29u2-2uce
vulnerability_id VCID-ynq9-29u2-2uce
summary A path traversal vulnerability exists in the api open_personality_folder endpoint of parisneo/lollms-webui. This vulnerability allows an attacker to read any folder in the personality_folder on the victim's computer, even though sanitize_path is set. The issue arises due to improper sanitization of the personality_folder parameter, which can be exploited to traverse directories and access arbitrary files.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-6985
reference_id
reference_type
scores
0
value 0.00053
scoring_system epss
scoring_elements 0.1701
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-6985
1
reference_url https://github.com/ParisNeo/lollms
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ParisNeo/lollms
2
reference_url https://github.com/parisneo/lollms/commit/28ee567a9a120967215ff19b96ab7515ce469620
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
2
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
3
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T16:13:21Z/
url https://github.com/parisneo/lollms/commit/28ee567a9a120967215ff19b96ab7515ce469620
3
reference_url https://huntr.com/bounties/79c11579-47d8-4e68-8466-b47c3bf5ef6a
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
2
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
3
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-11T16:13:21Z/
url https://huntr.com/bounties/79c11579-47d8-4e68-8466-b47c3bf5ef6a
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-6985
reference_id CVE-2024-6985
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-6985
5
reference_url https://github.com/advisories/GHSA-6h64-g7cj-hj56
reference_id GHSA-6h64-g7cj-hj56
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6h64-g7cj-hj56
fixed_packages
0
url pkg:pypi/lollms@5.9.0
purl pkg:pypi/lollms@5.9.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2gtz-u2kf-43ge
1
vulnerability VCID-3fgd-j5hf-pbdy
2
vulnerability VCID-5sdj-4ndc-jfgq
3
vulnerability VCID-65fc-fud4-ebaq
4
vulnerability VCID-6m54-wddf-xfft
5
vulnerability VCID-6wvh-ubmj-xkfh
6
vulnerability VCID-7ddt-bekx-8bgx
7
vulnerability VCID-8veb-tbs1-yugg
8
vulnerability VCID-dx4w-1n7h-4uce
9
vulnerability VCID-e3ss-pxxn-13ej
10
vulnerability VCID-gawg-qfyz-xbc1
11
vulnerability VCID-h2aa-cg34-4ygg
12
vulnerability VCID-j8bn-whb2-nkgz
13
vulnerability VCID-mbbx-pbwm-5ydh
14
vulnerability VCID-ynq9-29u2-2uce
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/lollms@5.9.0
aliases CVE-2024-6985, GHSA-6h64-g7cj-hj56, PYSEC-2024-122
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ynq9-29u2-2uce
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/lollms@2.0.23