Skip to main content

Awesome Llm Apps

1 CVEs product

Monthly

CVE-2026-29871 HIGH This Week

Unauthenticated remote attackers can read arbitrary files from servers running the awesome-llm-apps Beifong AI News and Podcast Agent backend by exploiting a path traversal vulnerability in the stream-audio endpoint (routers/podcast_router.py, function stream_audio). The endpoint concatenates user-controlled path parameters directly into filesystem paths without validation, allowing attackers to traverse directory structures and disclose sensitive configuration files, credentials, and other confidential data. No public exploit code or active exploitation has been independently confirmed at the time of this analysis.

Path Traversal Awesome Llm Apps
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
EPSS 0% CVSS 7.5
HIGH This Week

Unauthenticated remote attackers can read arbitrary files from servers running the awesome-llm-apps Beifong AI News and Podcast Agent backend by exploiting a path traversal vulnerability in the stream-audio endpoint (routers/podcast_router.py, function stream_audio). The endpoint concatenates user-controlled path parameters directly into filesystem paths without validation, allowing attackers to traverse directory structures and disclose sensitive configuration files, credentials, and other confidential data. No public exploit code or active exploitation has been independently confirmed at the time of this analysis.

Path Traversal Awesome Llm Apps
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy