VIR Vulnerability Intelligence Relay

Package impact

python PyPI / lollms

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-1114 critical 9.8 9.8 2mo ago In parisneo/lollms version 2.1.0, the application's session management is vulnerable to improper access control due to the use of a weak secret key for signing JSON Web Tokens (JWT). This vulnerabili…
CVE-2026-1163 medium 4.1 4.1 2mo ago parisneo/lollms has an insufficient session expiration vulnerability