PoC Archive PoC Archive

tag

AI-Application

Critical
Langflow Missing-Authentication Remote Code Execution (CVE-2025-3248)
CVE-2025-3248· Langflow (open-source AI/LLM workflow builder) patched
High
Authenticated Command Injection in LiteLLM MCP Test Endpoints (CVE-2026-42271)
CVE-2026-42271· BerriAI LiteLLM (proxy) — MCP preview/test endpoints patched
High
Claude Desktop Cowork VM Image Integrity Bypass / Local Persistence (CVE-2026-7574)
CVE-2026-7574· Anthropic Claude Desktop — Cowork feature unpatched