24 Total advisories
24 Vulnerabilities
0 Malware
Vulnerabilities
HIGH 7.5
CVE-2024-4881
CVE-2024-4881
CRITICAL 9.0
CVE-2024-6581
CVE-2024-6581
MEDIUM 4.4
CVE-2024-6985
CVE-2024-6985
HIGH 8.3
CVE-2026-0562
CVE-2026-0562
CRITICAL 9.8
CVE-2026-1114
CVE-2026-1114
CRITICAL 9.6
CVE-2026-1115
parisneo/lollms vulnerable to stored XSS in the social feature
MEDIUM 4.1
CVE-2026-1163
parisneo/lollms has an insufficient session expiration vulnerability
HIGH 8.2
CVE-2026-1117
Lollms has an Improper Access Control vulnerability
HIGH 7.3
CVE-2024-6281
LoLLMS vulnerable to Expected Behavior Violation
MEDIUM 4.0
CVE-2024-4330
path traversal vulnerability was identified in the parisneo/lollms-webui
HIGH 7.5
CVE-2025-6386
Lord of Large Language Models vulnerable to Observable Discrepancy attack via authenticate_user function
HIGH 8.4
CVE-2024-6982
LoLLMS Code Injection vulnerability
MEDIUM 4.4
CVE-2024-6985
Lord of Large Language Models (LoLLMs) path traversal vulnerability in the api open_personality_folder endpoint
MEDIUM 6.5
CVE-2024-6581
Lollms vulnerable to Cross-site Scripting
HIGH 7.5
CVE-2024-4881
LoLLMS Path Traversal vulnerability
LOW 3.4
CVE-2024-6971
Lord of Large Language Models (LoLLMs) Server path traversal vulnerability in lollms_file_system.py
CRITICAL 9.8
CVE-2024-3429
LoLLMS Path Traversal vulnerability
CRITICAL 9.8
CVE-2024-4078
LoLLMS Command Injection vulnerability
MEDIUM 6.8
CVE-2024-3121
Remote Code Execution in create_conda_env function in lollms
HIGH 8.6
CVE-2024-6085
lollms vulnerable to path traversal due to unauthenticated root folder settings change
HIGH 7.3
CVE-2024-6139
lollms vulnerable to dot-dot-slash path traversal in XTTS server
HIGH 7.4
CVE-2024-5824
lollms path traversal vulnerability allows overriding of config.yaml file, leading to RCE
CRITICAL 9.8
CVE-2024-5443
Remote Code Execution via path traversal bypass in lollms
CRITICAL 9.1
CVE-2024-4315
parisneo/lollms Local File Inclusion (LFI) attack
Ready to move
Start Securing
Free, no credit card | First findings in minutes