CVE-2024-31224: GPT Academic provides interactive interfaces for large language models. A vulnerability was found in gpt_academic versio
criticalvulnerabilityLLM-Specific
security
Summary
GPT Academic is a tool that provides interactive interfaces for large language models. Versions 3.64 through 3.73 have a vulnerability where the server deserializes untrusted data (processes data from users without verifying it's safe), which could allow attackers to execute code remotely on any exposed server. Any device running these vulnerable versions and accessible over the internet is at risk.
Solution / Mitigation
Upgrade to version 3.74, which contains a patch for the issue. The source states: 'There are no known workarounds aside from upgrading to a patched version.'
Vulnerability Details
CVSS Score
9.8(critical)
EPSS (30-day exploit probability)
EPSS: 5.8%
Classification
Attack Type
Model Poisoning
Attack SophisticationModerate
Impact (CIA+S)
integrityavailability
Affected Vendors
Related Issues
Original source: https://nvd.nist.gov/vuln/detail/CVE-2024-31224
First tracked: February 15, 2026 at 08:53 PM
Classified by LLM (prompt v3) · confidence: 92%