Export limit exceeded: 364353 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (2 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-58198 1 Gunthercox 1 Chatterbot 2026-07-09 5.5 Medium
ChatterBot is a machine learning, conversational dialog engine for creating chat bots. Prior to 1.2.14, UbuntuCorpusTrainer.extract() uses a predictable home-rooted output directory (~/ubuntu_data/ubuntu_dialogs) with a check-then-create pattern followed by tar.extractall(path=self.data_path), allowing a local attacker who pre-plants a symlink at the predictable path to cause archive contents to be written through the symlink to an attacker-chosen directory. This issue is fixed in version 1.2.14.
CVE-2026-23842 2 Chatterbot, Gunthercox 2 Chatterbot, Chatterbot 2026-04-18 7.5 High
ChatterBot is a machine learning, conversational dialog engine for creating chat bots. ChatterBot versions up to 1.2.10 are vulnerable to a denial-of-service condition caused by improper database session and connection pool management. Concurrent invocations of the get_response() method can exhaust the underlying SQLAlchemy connection pool, resulting in persistent service unavailability and requiring a manual restart to recover. Version 1.2.11 fixes the issue.