Lollms Lollms Vulnerabilities

3 advisories affecting Lollms Lollms

Total CVEs: 3 (Critical: 1, High: 2)

CVE-2026-1116

Apr 12, 2026

High (8.2)

A Cross-site Scripting (XSS) vulnerability was identified in the `from_dict` method of the `AppLollmsMessage` class in parisneo/lollms prior to version 2.2.0. The vulnerability arises from the lack of...


CVE-2026-1115

Apr 10, 2026

Critical (9.6)

A Stored Cross-Site Scripting (XSS) vulnerability was identified in the social feature of parisneo/lollms, affecting the latest version prior to 2.2.0. The vulnerability exists in the `create_post` fu...


CVE-2026-0560

Mar 29, 2026

High (7.5)

A Server-Side Request Forgery (SSRF) vulnerability exists in parisneo/lollms versions prior to 2.2.0, specifically in the `/api/files/export-content` endpoint. The `_download_image_to_temp()` function...
