Known Vulnerabilities for Create by Mischiefmarmot
Listed below are 10 of the newest known vulnerabilities associated with "Create" by "Mischiefmarmot".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-59821 json | LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.82.0-stable, LiteLLM's Custo... | Not Provided | 2026-07-08 | 2026-07-08 |
| CVE-2026-59802 json | PasswordPusher before 2.8.1 accepts data URI schemes in URL push payloads due to insufficient validation in the valid_url fun... | Not Provided | 2026-07-08 | 2026-07-08 |
| CVE-2026-59097 json | Taiga before 6.10.2 contains a missing authorization vulnerability that allows unauthenticated remote attackers to create def... | Not Provided | 2026-07-02 | 2026-07-06 |
| CVE-2026-59093 json | Weaviate before 1.38.0 does not verify that a principal performing an RBAC role assignment holds the permissions granted by t... | Not Provided | 2026-07-02 | 2026-07-06 |
| CVE-2026-58656 json | Grav API plugin before v1.0.0-rc.16 accepts JWT tokens via the ?token= URL query parameter and responds with Access-Control-A... | Not Provided | 2026-07-08 | 2026-07-08 |
| CVE-2026-58653 json | PraisonAI before 0.1.7 fails to validate that project_id in issue create and update request bodies belongs to the URL workspa... | Not Provided | 2026-07-02 | 2026-07-02 |
| CVE-2026-58579 json | RAGFlow before 0.26.3 stores an agent pipeline (DSL) node name without sanitization: the agent update endpoint normalizes the... | Not Provided | 2026-07-02 | 2026-07-06 |
| CVE-2026-58377 json | JeecgBoot through 3.9.2 contains a broken access control vulnerability that allows authenticated low-privilege users to perfo... | Not Provided | 2026-06-30 | 2026-06-30 |
| CVE-2026-58165 json | OpenZiti through 2.0.0, fixed in commit 3027fdf, contains a privilege escalation vulnerability that allows authenticated non-... | Not Provided | 2026-06-30 | 2026-07-01 |
| CVE-2026-58053 json | Gitea act_runner with the Docker backend (through act 0.262.0) passes a workflow's container.options string to the Docker job... | Not Provided | 2026-06-28 | 2026-06-30 |