Vendor
Products
2
CVEs
3
Across products
4
Status
Private
Products
2- 2 CVEs
- 2 CVEs
Recent CVEs
3| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-59835 | Hig | 0.49 | — | 0.00 | Oct 2, 2025 | LangBot is a global IM bot platform designed for LLMs. In versions 4.1.0 up to but not including 4.3.5, authorized attackers can exploit the /api/v1/files/documents interface to perform arbitrary file uploads. Since this interface does not strictly restrict the storage directory of files on the server, it is possible to upload dangerous files to specific system directories. This is fixed in version 4.3.5. | |
| CVE-2026-28509 | 0.00 | — | 0.00 | Mar 6, 2026 | LangBot is a global IM bot platform designed for LLMs. Prior to version 4.8.7, LangBot’s web UI renders user-supplied raw HTML using rehypeRaw, which can lead to a cross-site scripting (XSS) vulnerability. This issue has been patched in version 4.8.7. | ||
| CVE-2002-2398 | 0.00 | — | 0.00 | Dec 31, 2002 | The new thread posting page in APBoard 2.02 and 2.03 allows remote attackers to post messages to protected forums by modifying the insertinto parameter. |