tag
AI-Application
Critical
Langflow Missing-Authentication Remote Code Execution (CVE-2025-3248)
CVE-2025-3248·
Langflow (open-source AI/LLM workflow builder)
patched
High
Authenticated Command Injection in LiteLLM MCP Test Endpoints (CVE-2026-42271)
CVE-2026-42271·
BerriAI LiteLLM (proxy) — MCP preview/test endpoints
patched
High
Claude Desktop Cowork VM Image Integrity Bypass / Local Persistence (CVE-2026-7574)
CVE-2026-7574·
Anthropic Claude Desktop — Cowork feature
unpatched