VYPR

Millie Chatbot

by 1millionbot

CVEs (2)

  • CVE-2026-4399HigMar 31, 2026
    risk 0.49cvss 7.5epss 0.00

    Prompt injection vulnerability in 1millionbot Millie chatbot that occurs when a user manages to evade chat restrictions using Boolean prompt injection techniques (formulating a question in such a way that, upon receiving an affirmative response ('true'), the model executes the…

  • CVE-2026-4400MedMar 31, 2026
    risk 0.42cvss 6.5epss 0.00

    Insecure Direct Object Reference (IDOR) vulnerability in 1millionbot Millie chat that allows private conversations of other users being viewed by simply changing the conversation ID. The vulnerability is present in the endpoint 'api.1millionbot.com/api/public/conversations/'…