AI Threat Alert
Attack Type
Social Engineering
Social engineering attacks leverage AI systems to enhance phishing, impersonation, or deception — including deepfakes, AI-generated spear phishing, and automated social manipulation.
28
Total CVEs
2
Pages
Page 2 of 2
Current
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| MEDIUM | CVE-2024-7044 | Open WebUI: Stored XSS via file upload, session hijack | open-webui | 6.8 |
| HIGH | CVE-2025-23205 | nbgrader: Clickjacking exposes formgrader via IFrame | - | |
| MEDIUM | CVE-2024-6581 | Lollms: SVG upload XSS enables session hijack and RCE | lollms | 6.5 |
| MEDIUM | CVE-2026-33720 | n8n: OAuth state forgery hijacks user credentials | n8n | 4.2 |
| MEDIUM | GHSA-364x-8g5j-x2pr | n8n: stored XSS via malicious OAuth2 Authorization URL | n8n | 5.4 |
| MEDIUM | GHSA-w673-8fjw-457c | n8n: stored XSS enables phishing via Form Node | n8n | 4.1 |
| MEDIUM | GHSA-q4fm-pjq6-m63g | n8n: Stored XSS in Form Trigger enables phishing | n8n | 5.4 |
| MEDIUM | CVE-2026-33709 | JupyterHub: open redirect enables post-login phishing | - |
Page 2 of 2