CVE-2024-34527: spaces_plugin/app.py in SolidUI 0.4.0 has an unnecessary print statement for an OpenAI key. The printed string might be
highvulnerabilityLLM-Specific
security
Summary
SolidUI version 0.4.0 contains a bug where the file spaces_plugin/app.py has an unnecessary print statement that outputs an OpenAI key (a secret credential used to authenticate with OpenAI's services). This printed key could be captured in log files (records of system activity), potentially exposing the credential to unauthorized users.
Vulnerability Details
CVSS Score
7.5(high)
EPSS (30-day exploit probability)
EPSS: 0.1%
Classification
Attack Type
PII Leakage
Attack SophisticationTrivial
Impact (CIA+S)
confidentiality
AI Component TargetedAPI
Affected Vendors
OpenAI
Related Issues
Original source: https://nvd.nist.gov/vuln/detail/CVE-2024-34527
First tracked: February 15, 2026 at 08:49 PM
Classified by LLM (prompt v3) · confidence: 85%