aisecwatch.com
DashboardVulnerabilitiesNewsResearchArchiveStatsDatasetFor devs
Subscribe
aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.

Navigation

VulnerabilitiesNewsResearchDigest ArchiveNewsletter ArchiveSubscribeData SourcesStatisticsDatasetAPIIntegrationsWidgetRSS Feed

Maintained by

Truong (Jack) Luu

Information Systems Researcher

Browse All

All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.

to
Export CSV
6530 items

CVE-2024-7776: A vulnerability in the `download_model` function of the onnx/onnx framework, before and including version 1.16.1, allows

criticalvulnerability
security
Mar 20, 2025
CVE-2024-7776

CVE-2024-7776 is a vulnerability in the ONNX framework (a tool for machine learning models) version 1.16.1 and earlier, where the `download_model` function fails to properly block path traversal attacks (a technique where attackers use special file path sequences to access files outside the intended directory). An attacker could exploit this to overwrite files on a user's system, potentially leading to remote code execution (running malicious commands on the victim's computer).

NVD/CVE Database

CVE-2024-6838: In mlflow/mlflow version v2.13.2, a vulnerability exists that allows the creation or renaming of an experiment with a la

mediumvulnerability
security
Mar 20, 2025
CVE-2024-6838

MLflow version v2.13.2 has a vulnerability that allows someone to create or rename an experiment with an extremely long name containing many numbers, which causes the MLflow UI (user interface panel) to stop responding, creating a denial of service (when a system becomes unusable). The problem exists because there are no limits on how long experiment names or the artifact_location parameter can be.

CVE-2024-6577: In the latest version of pytorch/serve, the script 'upload_results_to_s3.sh' references the S3 bucket 'benchmarkai-metri

mediumvulnerability
security
Mar 20, 2025
CVE-2024-6577

CVE-2024-6577 is a vulnerability in PyTorch Serve where a script called 'upload_results_to_s3.sh' references an Amazon S3 bucket (a cloud storage service) without verifying that the script's creators actually own or control it, potentially allowing unauthorized access to sensitive data stored in that bucket.

CVE-2024-12775: langgenius/dify version 0.10.1 contains a Server-Side Request Forgery (SSRF) vulnerability in the test functionality for

highvulnerability
security
Mar 20, 2025
CVE-2024-12775

Dify version 0.10.1 contains a Server-Side Request Forgery (SSRF) vulnerability, which is a weakness where an attacker tricks a server into making requests to unintended targets. Through the 'Create Custom Tool' REST API endpoint, attackers can manipulate the URL parameter to make the victim's server access unauthorized web resources using the server's own credentials.

CVE-2024-12720: A Regular Expression Denial of Service (ReDoS) vulnerability was identified in the huggingface/transformers library, spe

highvulnerability
security
Mar 20, 2025
CVE-2024-12720

A ReDoS (regular expression denial of service, where a poorly designed search pattern can be exploited to consume excessive computer processing power) vulnerability was found in the huggingface/transformers library version 4.46.3, specifically in code that processes text tokens. An attacker could send specially crafted input that causes the regex to work inefficiently, using up all the CPU and crashing the application.

CVE-2024-12704: A vulnerability in the LangChainLLM class of the run-llama/llama_index repository, version v0.12.5, allows for a Denial

highvulnerability
security
Mar 20, 2025
CVE-2024-12704

A vulnerability in the LangChainLLM class (a component for running language models in the llama_index library) version v0.12.5 allows attackers to cause a Denial of Service (DoS, where a system becomes unresponsive). If a thread (a lightweight process running code in parallel) terminates unexpectedly before executing the language model prediction, the code lacks error handling and enters an infinite loop (code that never stops repeating), which can be triggered by providing incorrectly typed input.

CVE-2024-12217: A vulnerability in the gradio-app/gradio repository, version git 67e4044, allows for path traversal on Windows OS. The i

highvulnerability
security
Mar 20, 2025
CVE-2024-12217

A flaw in the Gradio application (version git 67e4044) on Windows allows attackers to bypass security protections and read files that should be blocked. The vulnerability exploits NTFS Alternate Data Streams (ADS, a Windows feature that lets files have hidden data attached to them) by using special syntax like 'C:/tmp/secret.txt::$DATA' to access blocked files that would normally be restricted.

CVE-2024-12065: A local file inclusion vulnerability exists in haotian-liu/llava at commit c121f04. This vulnerability allows an attacke

mediumvulnerability
security
Mar 20, 2025
CVE-2024-12065

CVE-2024-12065 is a local file inclusion vulnerability (a flaw that lets attackers read files they shouldn't have access to) in the LLaVA project at a specific code version. An attacker can request multiple crafted messages to a server and access any file on the system because the gradio web UI component (the interface users interact with) doesn't properly check user inputs for malicious content.

CVE-2024-12055: A vulnerability in Ollama versions <=0.3.14 allows a malicious user to create a customized gguf model file that can be u

highvulnerability
security
Mar 20, 2025
CVE-2024-12055

CVE-2024-12055 is a vulnerability in Ollama versions 0.3.14 and earlier that allows an attacker to upload a malicious gguf model file (a type of AI model format), which causes the server to crash when processing it. This is a Denial of Service attack (making a service unavailable), and the underlying issue is an out-of-bounds read (attempting to access memory locations that are outside the intended range) in the gguf.go file.

CVE-2024-11041: vllm-project vllm version v0.6.2 contains a vulnerability in the MessageQueue.dequeue() API function. The function uses

highvulnerability
security
Mar 20, 2025
CVE-2024-11041

vllm version v0.6.2 has a vulnerability in its MessageQueue.dequeue() function that uses pickle.loads (a Python method that reconstructs objects from serialized data) to process data directly from network sockets without validation. An attacker can send a malicious serialized payload that causes RCE (remote code execution, where an attacker runs commands on a target system), allowing them to execute arbitrary code on a victim's machine.

CVE-2024-11037: A path traversal vulnerability exists in binary-husky/gpt_academic at commit 679352d, which allows an attacker to bypass

mediumvulnerability
security
Mar 20, 2025
CVE-2024-11037

CVE-2024-11037 is a path traversal vulnerability (a flaw where an attacker bypasses restrictions to access files outside the intended directory) in the gpt_academic project that allows attackers to read the config.py file containing sensitive data like OpenAI API keys by accessing a specific URL with an absolute file path, and it affects Windows systems.

CVE-2024-11031: In version 3.83 of binary-husky/gpt_academic, a Server-Side Request Forgery (SSRF) vulnerability exists in the Markdown_

highvulnerability
security
Mar 20, 2025
CVE-2024-11031

Version 3.83 of gpt_academic contains an SSRF vulnerability (server-side request forgery, where an attacker tricks a server into making unwanted requests to other systems) in the Markdown_Translate.get_files_from_everything() API. The HotReload plugin only checks if links start with 'http', allowing attackers to download files from arbitrary web hosts using the server's credentials.

CVE-2024-11030: GPT Academic version 3.83 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability through its HotReload plug

highvulnerability
security
Mar 20, 2025
CVE-2024-11030

GPT Academic version 3.83 has a Server-Side Request Forgery (SSRF) vulnerability, which is a flaw where an attacker tricks the server into making web requests on their behalf, in its HotReload plugin. The vulnerability exists because the plugin calls an API function without checking the input for malicious content, allowing attackers to misuse the web server's access to reach unauthorized resources.

CVE-2024-10940: A vulnerability in langchain-core versions >=0.1.17,<0.1.53, >=0.2.0,<0.2.43, and >=0.3.0,<0.3.15 allows unauthorized us

highvulnerability
security
Mar 20, 2025
CVE-2024-10940

A vulnerability in langchain-core (a library used to build AI applications) versions 0.1.17-0.1.52, 0.2.0-0.2.42, and 0.3.0-0.3.14 allows attackers to read any file from a server's hard drive by manipulating prompt templates (pre-written instruction formats for AI models). If the AI then shows these file contents to users, sensitive information like passwords or private data could be exposed.

CVE-2024-10707: gaizhenbiao/chuanhuchatgpt version git d4ec6a3 is affected by a local file inclusion vulnerability due to the use of the

mediumvulnerability
security
Mar 20, 2025
CVE-2024-10707

CVE-2024-10707 is a local file inclusion vulnerability (a security flaw where an attacker can read files they shouldn't access) in chuanhuchatgpt version git d4ec6a3. The vulnerability exists because the software uses a component called gr.JSON from gradio that has a known security issue, allowing unauthenticated users to upload specially crafted JSON files and read arbitrary files on the server due to improper input validation.

CVE-2024-10650: An unauthenticated Denial of Service (DoS) vulnerability was identified in ChuanhuChatGPT version 20240918, which could

highvulnerability
security
Mar 20, 2025
CVE-2024-10650

ChuanhuChatGPT version 20240918 has an unauthenticated Denial of Service vulnerability (DoS, a type of attack that makes a service unavailable) that can be triggered by sending specially formatted data with multipart boundaries or grouped characters. Even though a previous patch was applied, attackers can still exploit this by sending data in lines of 10 characters repeatedly, causing the system to get stuck processing and become unavailable.

CVE-2024-10648: A path traversal vulnerability exists in the Gradio Audio component of gradio-app/gradio, as of version git 98cbcae. Thi

mediumvulnerability
security
Mar 20, 2025
CVE-2024-10648

CVE-2024-10648 is a path traversal vulnerability (a flaw where an attacker manipulates file paths to access unintended files) in Gradio's Audio component that lets attackers control audio file formats and delete file contents, potentially causing a denial of service (a situation where a system becomes unavailable to legitimate users). By changing the output format, an attacker can empty any file on the server.

CVE-2024-10624: A Regular Expression Denial of Service (ReDoS) vulnerability exists in the gradio-app/gradio repository, affecting the g

highvulnerability
security
Mar 20, 2025
CVE-2024-10624

A ReDoS (regular expression denial of service, where specially crafted text causes a regex pattern to take extremely long to process) vulnerability exists in Gradio's datetime component. An attacker can send a malicious input that makes the vulnerable regex pattern consume all of a server's CPU resources, causing the Gradio application to become unresponsive.

CVE-2024-10569: A vulnerability in the dataframe component of gradio-app/gradio (version git 98cbcae) allows for a zip bomb attack. The

mediumvulnerability
security
Mar 20, 2025
CVE-2024-10569

CVE-2024-10569 is a vulnerability in Gradio's dataframe component that allows a zip bomb attack (a compressed file designed to crash systems when decompressed). An attacker can upload a malicious compressed file, which the component processes using pd.read_csv (a function that reads spreadsheet data), causing the server to crash and become unavailable.

CVE-2024-10188: A vulnerability in BerriAI/litellm, as of commit 26c03c9, allows unauthenticated users to cause a Denial of Service (DoS

mediumvulnerability
security
Mar 20, 2025
CVE-2024-10188

CVE-2024-10188 is a vulnerability in BerriAI/litellm that allows unauthenticated users to crash the litellm Python server by exploiting unsafe input parsing. The vulnerability exists because the code uses ast.literal_eval (a Python function that evaluates code, which is not safe for untrusted input) to process user-supplied data, making it vulnerable to DoS (denial of service, where attackers make a service unavailable) attacks.

Previous264 / 327Next
NVD/CVE Database
NVD/CVE Database
NVD/CVE Database
NVD/CVE Database
NVD/CVE Database
NVD/CVE Database
NVD/CVE Database
NVD/CVE Database
NVD/CVE Database
NVD/CVE Database
NVD/CVE Database
NVD/CVE Database

Fix: Update langchain-core to version 0.1.53 or later, 0.2.43 or later, or 0.3.15 or later.

NVD/CVE Database
NVD/CVE Database
NVD/CVE Database
NVD/CVE Database
NVD/CVE Database
NVD/CVE Database
NVD/CVE Database