CNNVD-202509-1862 Information
CNNVD ID
CNNVD-202509-1862
Related CVE
- CNNVD Published: 2025-09-14
Description (Chinese)
Morphic是Yoshiki Miura个人开发者的一个具有生成式用户界面的人工智能搜索引擎。 Morphic 0.4.5及之前版本存在代码问题漏洞,该漏洞源于HTTP Status Code 3xx Handler组件中/api/advanced-search文件的fetchHtml函数存在缺陷,可能导致服务端请求伪造攻击。
Description (English)
Morphic is an artificial intelligence search engine with an interactive user interface for Yoshiki Miura personal developers. Morphic 0.4.5 and previous versions had a code problem loophole, which stemmed from the defects in the FetchHtml function of the /api/advanced-search file in the HTTP Status Code 3xx Handler component, which could lead to a request for a false attack by the service.
Hazard Level
High
Vulnerability Type
代码问题
Affected Vendor
个人开发者
Published
2025-09-14
Last Modified
2026-02-24
References
https://vuldb.com/?id.323828 https://vuldb.com/?ctiid.323828 https://github.com/miurla/morphic/issues/670 https://vuldb.com/?submit.645509 https://access.redhat.com/security/cve/cve-2025-10393
Patch
https://github.com/miurla/morphic/releases
Share on: