aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.


Maintained by

Truong (Jack) Luu

Information Systems Researcher

Browse All

All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.

3312 items

CVE-2024-48919: Cursor is a code editor built for programming with AI. Prior to Sep 27, 2024, if a user generated a terminal command via

Severity: high | Type: vulnerability | Tag: security | Oct 22, 2024 | CVE-2024-48919

Cursor is a code editor that uses AI to help with programming. Before September 27, 2024, attackers could trick Cursor's command generation feature into running harmful commands if a user imported a malicious website into the prompt and the attacker used prompt injection (hidden instructions in text that manipulate AI behavior) on that website. A server-side patch was released quickly to block dangerous characters, and Cursor version 0.42 added client-side protections and a new preview box setting that requires manual approval before commands run.

Fix: A server-side patch released on September 27, 2024 prevents newlines or control characters from being streamed back. Cursor 0.42 includes client-side mitigations that block newlines or control characters from entering the terminal directly. Users can enable the setting `"cursor.terminal.usePreviewBox"` and set it to `true` to stream responses into a preview box that must be manually accepted before inserting into the terminal. The patch is applied server-side, so no additional action is needed on older versions. Additionally, Cursor's maintainers recommend only including trusted context in prompts as a best practice.

Source: NVD/CVE Database

CVE-2022-49005: In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Fix bounds check for _sx controls For _

Severity: medium | Type: vulnerability | Tag: security | Oct 21, 2024 | CVE-2022-49005

A bug in the Linux kernel's audio sound system (ASoC) incorrectly checked the maximum value for _sx controls (special volume controls where the max field means the number of steps, not the maximum value itself). The bounds check in snd_soc_put_volsw_sx() (a function that validates input values) needed to be fixed to properly check against the actual maximum value instead.

Fix: Multiple patches were released to fix this issue. The patches are available at kernel.org under the following commit hashes: 325d94d16e3131b54bdf07356e4cd855e0d853fc, 46bab25cc0230df60d1c02b651cc5640a14b08df, 4a95a49f26308782b4056401989ecd7768fda8fa, 698813ba8c580efb356ace8dbf55f61dac6063a8, 73dce3c1d48c4662bdf3ccbde1492c2cb4bfd8ce, 98b15c706644bebc19d2e77ccc360cc51444f6d0, b50c9641897274c3faef5f95ac852f54b94be2e8, and e46adadf19248d59af3aa6bc52e09115bf479bf7.

Source: NVD/CVE Database

CVE-2024-47728: In the Linux kernel, the following vulnerability has been resolved: bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case

Severity: medium | Type: vulnerability | Tag: security | Oct 21, 2024 | CVE-2024-47728

A vulnerability in the Linux kernel's BPF (Berkeley Packet Filter, a system for running safe code inside the kernel) subsystem could leak memory when certain helper functions encounter errors. The fix ensures that pointer arguments are zeroed out when errors occur, preventing sensitive kernel data from being accidentally exposed.

Fix: The kernel now zeros the value of former ARG_PTR_TO_{LONG,INT} arguments (pointers to long or integer values) when non-tracing helpers return errors. Additionally, for MTU helper functions, the *mtu_len pointer value is cleared on the error path to prevent uninitialized memory from being readable.

Source: NVD/CVE Database

CVE-2024-49326: Unrestricted Upload of File with Dangerous Type vulnerability in Vasilis Kerasiotis Affiliator allows Upload a Web Shell

Severity: critical | Type: vulnerability | Tag: security | Oct 20, 2024 | CVE-2024-49326

A vulnerability in Affiliator (a WordPress plugin) version 2.1.3 and earlier allows attackers to upload dangerous file types, specifically web shells (malicious scripts that give attackers control of a server). This happens because the plugin does not properly restrict what kinds of files users can upload.

Source: NVD/CVE Database

CVE-2024-49361: ACON is a widely-used library of tools for machine learning that focuses on adaptive correlation optimization. A potenti

Severity: high | Type: vulnerability | Tag: security | Oct 18, 2024 | CVE-2024-49361

CVE-2024-49361 is a vulnerability in ACON, a machine learning library that performs adaptive correlation optimization. The vulnerability exists in how ACON validates input data, which could allow an attacker to bypass these checks and execute arbitrary code (run commands they shouldn't be able to run) on systems using ACON. Machine learning applications that accept user-provided data are at the highest risk, especially those running on production servers (live systems serving real users).

Source: NVD/CVE Database

CVE-2024-47872: Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves **Cross-Site Scripti

Severity: medium | Type: vulnerability | Tag: security | Oct 10, 2024 | CVE-2024-47872

Gradio, an open-source Python package for building user interfaces, has a cross-site scripting vulnerability (XSS, where malicious code hidden in files runs in users' browsers) that affects servers allowing file uploads. Attackers can upload harmful HTML, JavaScript, or SVG files that execute when other users view or download them, potentially stealing data or compromising accounts.

Fix: Upgrade to gradio>=5. As a workaround, restrict uploads to non-executable file types (like images or text) and implement server-side validation to sanitize or reject HTML, JavaScript, and SVG files before they are stored or displayed to users.

Source: NVD/CVE Database

CVE-2024-47871: Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves **insecure communica

Severity: critical | Type: vulnerability | Tag: security | Oct 10, 2024 | CVE-2024-47871

Gradio, an open-source Python package for building demos, has a vulnerability where the connection between the FRP client and server (fast reverse proxy, a tool that exposes local applications to the internet) isn't encrypted when the `share=True` option is used. This means attackers can intercept and read files uploaded to the server or modify data being sent, putting sensitive information at risk for users sharing Gradio demos publicly online.

Fix: Users should upgrade to `gradio>=5` to fix this issue. As an alternative, users can avoid using `share=True` in production environments and instead host their Gradio applications on servers with HTTPS enabled (a secure protocol that encrypts communication) to ensure safe data transmission.

Source: NVD/CVE Database

CVE-2024-47870: Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a **race condition**

Severity: high | Type: vulnerability | Tag: security | Oct 10, 2024 | CVE-2024-47870

Gradio, an open-source Python package for building AI demos, has a race condition (a bug where two operations interfere with each other due to timing) in its configuration function that lets attackers change the backend URL. This could redirect users to a fake server to steal login credentials or uploaded files, especially affecting Gradio servers accessible over the internet.

Fix: Upgrade to gradio>=5 (version 5 or newer). The source notes there are no known workarounds for this issue.

Source: NVD/CVE Database

CVE-2024-47869: Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a **timing attack**

Severity: low | Type: vulnerability | Tag: security | Oct 10, 2024 | CVE-2024-47869

Gradio, an open-source Python package for building prototypes, has a timing attack vulnerability (a security flaw where an attacker measures how long the system takes to respond to guess different values) in its analytics dashboard hash comparison. An attacker could exploit this by sending many requests and timing the responses to gradually figure out the correct hash and gain unauthorized access to the dashboard.

Fix: Upgrade to gradio>4.44. Alternatively, before upgrading, developers can manually patch the analytics_dashboard to use a constant-time comparison function (a method that takes the same amount of time regardless of whether the input is correct) for comparing sensitive values like hashes, or disable access to the analytics dashboard entirely.

Source: NVD/CVE Database

CVE-2024-47868: Gradio is an open-source Python package designed for quick prototyping. This is a **data validation vulnerability** affe

Severity: high | Type: vulnerability | Tag: security | Oct 10, 2024 | CVE-2024-47868

CVE-2024-47868 is a data validation vulnerability (a flaw in how input data is checked) in Gradio, an open-source Python package for building AI demos. Attackers can exploit certain Gradio components by sending specially crafted requests that bypass input checks, allowing them to read and download sensitive files from a server that shouldn't be accessible. This risk is especially high for components that handle file data, like DownloadButton, Audio, ImageEditor, Chatbot, and others.

Fix: This issue has been resolved in gradio>5.0. Upgrading to the latest version will mitigate this vulnerability. There are no known workarounds for this vulnerability.

Source: NVD/CVE Database

CVE-2024-47867: Gradio is an open-source Python package designed for quick prototyping. This vulnerability is a **lack of integrity chec

Severity: high | Type: vulnerability | Tag: security | Oct 10, 2024 | CVE-2024-47867

Gradio, an open-source Python package for prototyping, has a vulnerability where it downloads an FRP client (a tool for secure data tunneling) without checking if the file has been tampered with. An attacker who controls the download server could replace the legitimate FRP client with malicious code, and Gradio wouldn't detect this because it doesn't verify the file's checksum (a unique fingerprint) or signature (a digital seal of authenticity).

Fix: There is no direct workaround without upgrading. Users can manually validate the integrity of the downloaded FRP client by implementing checksum or signature verification in their own environment to ensure the binary hasn't been tampered with.

Source: NVD/CVE Database

CVE-2024-47168: Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves data exposure due to

Severity: medium | Type: vulnerability | Tag: security | Oct 10, 2024 | CVE-2024-47168

Gradio, an open-source Python package for building AI interfaces quickly, has a vulnerability where the enable_monitoring flag doesn't actually disable monitoring as intended. Even when a developer sets enable_monitoring=False to turn off monitoring, an attacker can still access sensitive analytics by directly requesting the /monitoring endpoint (a specific web address). This puts applications at risk of exposing data that was supposed to be hidden.

Fix: Users are advised to upgrade to gradio>=4.44 to address this issue.

Source: NVD/CVE Database

CVE-2024-47167: Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to **Server-Side Requ

Severity: critical | Type: vulnerability | Tag: security | Oct 10, 2024 | CVE-2024-47167

Gradio, an open-source Python package for building AI demos, has a vulnerability called SSRF (server-side request forgery, where an attacker tricks a server into making requests to URLs the attacker chooses) in its `/queue/join` endpoint. Attackers can exploit this to force the Gradio server to request internal or local network addresses, potentially stealing data or uploading malicious files, especially affecting applications using the Video component. Users should upgrade to Gradio version 5 or later to fix this issue.

Fix: Upgrade to `gradio>=5`. As a workaround, disable or heavily restrict URL-based inputs to trusted domains only, implement allowlist-based URL validation (where only pre-approved URLs are accepted), and ensure that local or internal network addresses cannot be requested via the `/queue/join` endpoint.

Source: NVD/CVE Database

CVE-2024-47166: Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a **one-level read p

Severity: medium | Type: vulnerability | Tag: security | Oct 10, 2024 | CVE-2024-47166

Gradio, an open-source Python package for building quick demos, has a vulnerability called path traversal (a method where attackers manipulate file paths to access files outside their intended directory) in its `/custom_component` endpoint. Attackers can exploit this to read and leak source code from custom Gradio components, potentially exposing sensitive code that developers wanted to keep private, particularly affecting those hosting custom components on public servers.

Fix: Users should upgrade to `gradio>=4.44`. As a workaround, developers can sanitize file paths and ensure that components are not stored in publicly accessible directories.

Source: NVD/CVE Database

CVE-2024-47165: Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to **CORS origin vali

Severity: medium | Type: vulnerability | Tag: security | Oct 10, 2024 | CVE-2024-47165

Gradio, an open-source Python package for building AI demos, has a vulnerability where it incorrectly accepts requests from sources with a null origin (a security boundary used by web browsers). This happens because the `localhost_aliases` variable includes "null" as a valid CORS origin (cross-origin resource sharing, which controls what websites can access a server). Attackers could exploit this to steal sensitive data like login tokens or uploaded files from local Gradio deployments.

Fix: Users are advised to upgrade to gradio>=5.0. As a workaround, users can manually modify the `localhost_aliases` list in their local Gradio deployment to exclude "null" as a valid origin, which will prevent the Gradio server from accepting requests from sandboxed iframes or sources with a null origin.

Source: NVD/CVE Database

CVE-2024-47164: Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to the **bypass of di

Severity: medium | Type: vulnerability | Tag: security | Oct 10, 2024 | CVE-2024-47164

Gradio, an open-source Python package for building AI demos, has a vulnerability in its directory traversal check function that can be bypassed using special file path sequences (like `..`, which means "go up one folder"). This could allow attackers to access files they shouldn't be able to reach, especially when uploading files, though exploiting it is difficult.

Fix: Upgrade to `gradio>=5.0` to address this issue. As a workaround, manually sanitize and normalize file paths in your Gradio deployment before passing them to the `is_in_or_equal` function, ensuring all file paths are properly resolved as absolute paths (complete paths starting from the root) to mitigate the bypass vulnerabilities.

Source: NVD/CVE Database

CVE-2024-47084: Gradio is an open-source Python package designed for quick prototyping. This vulnerability is related to **CORS origin v

Severity: high | Type: vulnerability | Tag: security | Oct 10, 2024 | CVE-2024-47084

Gradio, an open-source Python package for prototyping, has a vulnerability in CORS origin validation (the security check that verifies requests come from trusted websites). When a cookie is present, the server fails to validate the request's origin, allowing attackers to trick users into making unauthorized requests to their local Gradio server, potentially stealing files, authentication tokens, or user data.

Fix: Users should upgrade to gradio>4.44. Alternatively, as a workaround, users can manually modify the CustomCORSMiddleware class in their local Gradio server code to remove the condition that skips CORS validation for requests containing cookies.

Source: NVD/CVE Database

CVE-2024-47833: Taipy is an open-source Python library for easy, end-to-end application development for data scientists and machine lear

Severity: medium | Type: vulnerability | Tag: security | Oct 9, 2024 | CVE-2024-47833

Taipy, an open-source Python library for building data applications, has a security flaw where session cookies are served without the Secure and HTTPOnly flags (security markers that prevent browsers from sending cookies over unencrypted connections and protect cookies from being accessed by JavaScript code). This vulnerability has a CVSS score (a 0-10 rating of how severe a vulnerability is) of 6.3, indicating medium severity.

Fix: Upgrade to Taipy release version 4.0.0 or later. According to the source, 'This issue has been addressed in release version 4.0.0 and all users are advised to upgrade.' There are no known workarounds available.

Source: NVD/CVE Database

CVE-2024-43610: Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows an unauthenticated attacker to view s

Severity: high | Type: vulnerability | Tag: security | Oct 9, 2024 | CVE-2024-43610

CVE-2024-43610 is a vulnerability in Microsoft Copilot Studio that allows an unauthenticated attacker to view sensitive information through a network attack. The vulnerability has a CVSS 4.0 severity rating (a 0-10 scale measuring how serious a security flaw is), meaning it poses a moderate risk to affected systems.

Source: NVD/CVE Database

CVE-2024-9333: Permissions bypass in M-Files Connector for Copilot before version 24.9.3 allows authenticated user to access limited am

Severity: medium | Type: vulnerability | Tag: security | Oct 2, 2024 | CVE-2024-9333

CVE-2024-9333 is a permissions bypass vulnerability in M-Files Connector for Copilot (a tool that integrates M-Files document management with AI assistants) that allows authenticated users (people who have already logged in) to access documents they shouldn't be able to see due to incorrect access control list calculations. The vulnerability has a CVSS score of 5.3 (a 0-10 rating of how severe a vulnerability is), which is rated as medium severity.

Fix: Update M-Files Connector for Copilot to version 24.9.3 or later.

Source: NVD/CVE Database

Page 110 of 166