aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.


Maintained by

Truong (Jack) Luu

Information Systems Researcher

AI & LLM Vulnerabilities

Security vulnerabilities, privacy incidents, safety concerns, and policy updates affecting LLMs and AI agents.

2170 items

CVE-2023-38976 (Weaviate v1.20.0): remote denial of service via handleUnbatchedGraphQLRequest
Severity: high | Tags: vulnerability, security | Published: Aug 21, 2023

Weaviate v1.20.0 contains a flaw (CVE-2023-38976) in the handleUnbatchedGraphQLRequest function that lets a remote attacker cause a denial of service, making the service unavailable. The listed CVSS score of 4.0 (moderate) does not match the high severity tag on this entry; check the NVD record for the authoritative score before prioritising.

Source: NVD/CVE Database

CVE-2023-39659 (langchain v0.0.232 and earlier): remote code execution via PythonAstREPLTool._run
Severity: critical | Tags: vulnerability, security | Published: Aug 15, 2023

CVE-2023-39659 affects langchain (a library for building LLM applications) up to version 0.0.232: a remote attacker can execute arbitrary code by supplying a crafted script that reaches the PythonAstREPLTool._run component, which runs it. The weakness is improper neutralization of special elements in output used by a downstream component (CWE-74, injection): untrusted input is handed to an interpreter without being filtered first.

CVE-2023-38896 (langchain v0.0.194 and earlier): remote code execution via from_math_prompt and from_colored_object_prompt
Severity: critical | Tags: vulnerability, security | Published: Aug 15, 2023

CVE-2023-38896 affects langchain v0.0.194 and earlier: a remote attacker can execute arbitrary code through the from_math_prompt and from_colored_object_prompt functions. The weakness is injection (CWE-74): the library does not neutralize special elements in its input before passing it to a downstream component that interprets it.

CVE-2023-38860 (LangChain v0.0.231): remote code execution via the prompt parameter
Severity: critical | Tags: vulnerability, security | Published: Aug 15, 2023

LangChain version 0.0.231 has a code injection flaw (CVE-2023-38860, CWE-94): a remote attacker who controls the prompt parameter can get arbitrary code executed, because the parameter's contents end up being treated as code rather than as data.

CVE-2023-27506 (Intel Optimization for TensorFlow before 2.12): local privilege escalation via improper buffer restrictions
Severity: medium | Tags: vulnerability, security | Published: Aug 11, 2023

CVE-2023-27506 is an improper-buffer-restrictions flaw (a memory safety bug where the program does not confine its accesses to the allocated buffer) in Intel Optimization for TensorFlow before version 2.12. An authenticated user with local access could potentially use it to escalate privileges beyond those granted.

CVE-2023-36095 (langchain v0.0.194): arbitrary code execution via Python exec calls in PALChain
Severity: critical | Tags: vulnerability, security | Published: Aug 5, 2023

LangChain (a framework for building applications with language models) version 0.0.194 contains a code injection flaw (CWE-94) in the PALChain component: the from_math_prompt and from_colored_object_prompt functions pass code to Python's exec, so an attacker who can influence that code gets arbitrary code execution.

CVE-2023-4033 (MLflow before 2.6.0): OS command injection
Severity: high | Tags: vulnerability, security | Published: Aug 1, 2023

CVE-2023-4033 is an OS command injection flaw (attacker-controlled input is passed into a system command) in MLflow, an open-source machine learning platform, in versions before 2.6.0. It allows attackers to run unauthorized commands on affected systems.

CVE-2023-3765 (MLflow before 2.5.0): absolute path traversal
Severity: critical | Tags: vulnerability, security | Published: Jul 19, 2023 | EPSS: 92.1%

MLflow (a widely used machine learning platform) before version 2.5.0 contains an absolute path traversal flaw (CWE-36): an attacker who supplies an absolute path can reach files anywhere on the filesystem, because the path is used without being confined to the intended directory. The issue was reported through the huntr.dev bug bounty program.

CVE-2023-3686 (Bylancer QuickAI OpenAI 3.8.1): SQL injection via the 's' parameter of /blog
Severity: medium | Tags: vulnerability, security | Published: Jul 16, 2023

CVE-2023-3686 is a SQL injection flaw in Bylancer QuickAI OpenAI version 3.8.1: the 's' GET parameter handled by the /blog file is inserted into a database query without sanitization, so a remote attacker can inject SQL of their own. The NVD description declares the issue critical, while this tracker rates it medium; the vendor did not respond to early disclosure attempts.

CVE-2023-37275 (Auto-GPT before 0.4.3): terminal output spoofing via ANSI escape sequences
Severity: low | Tags: vulnerability, security | Published: Jul 13, 2023

Auto-GPT is an experimental application that drives GPT-4 through a command-line interface. Before version 0.4.3, text from a malicious website could steer the model into emitting ANSI escape sequences (control codes that move the cursor, change colours or clear the console), which the CLI printed unsanitized. An attacker could use them to fake or hide messages on the user's screen and so trick the user into approving commands they would otherwise reject.
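The spoofing path described above, shown as an added example rather than Auto-GPT's own code: anything that originated from a model or a browsed page is passed through a sanitizer that strips CSI, OSC and other ESC-prefixed sequences plus stray control bytes before it reaches the terminal. The sample page text, the function names and the choice to keep tab and newline are assumptions made for this example.

```python
import re

# CSI (ESC [ ... final byte), OSC (ESC ] ... BEL or ESC \), the remaining two-byte
# ESC sequences, and C0/DEL control bytes except tab and newline.
_TERMINAL_CONTROL_RE = re.compile(
    r"\x1b\[[0-?]*[ -/]*[@-~]"             # CSI: cursor moves, colours, clear screen
    r"|\x1b\][^\x07\x1b]*(?:\x07|\x1b\\)"  # OSC: window title, OSC 8 hyperlinks
    r"|\x1b[@-Z\\-_]"                      # other Fe escapes (two bytes)
    r"|[\x00-\x08\x0b-\x1f\x7f]"           # C0 controls and DEL (keeps \t and \n)
)


def sanitize_for_terminal(text: str) -> str:
    """Remove every control/escape sequence so untrusted text can only print as text."""
    return _TERMINAL_CONTROL_RE.sub("", text)


def escapes_found(text: str) -> int:
    """Count control sequences in text, e.g. to log an attempted spoof."""
    return len(_TERMINAL_CONTROL_RE.findall(text))


def show_escaped(text: str) -> str:
    """Alternative policy: keep the bytes but render them visibly (\\x1b...) instead of dropping them."""
    return text.encode("unicode_escape").decode("ascii")


# Constructed sample (not a real page): "web content" that clears the screen, homes the
# cursor, prints a fake green approval message and rings the terminal bell.
SPOOF_PAGE = (
    "Product page.\x1b[2J\x1b[H"
    "\x1b[32mAuto-GPT: command approved by user, executing...\x1b[0m\x07"
)

if __name__ == "__main__":
    print(escapes_found(SPOOF_PAGE), "control sequences found")
    print(sanitize_for_terminal(SPOOF_PAGE))
    print(show_escaped(SPOOF_PAGE))
```

Stripping is the safe default for untrusted text; `show_escaped` is the alternative when operators need to see that an injection was attempted. The same filter belongs on anything written to log files that are later read with `cat` or `tail`, because those reach a terminal too.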

CVE-2023-37274 (Auto-GPT before 0.4.3): path traversal in execute_python_code escapes the sandbox
Severity: high | Tags: vulnerability, security | Published: Jul 13, 2023

Auto-GPT before 0.4.3 does not validate the filename passed to the `execute_python_code` command, so a path containing segments such as `../../../` escapes the intended directory. An attacker who can influence the command can write code outside the sandbox and get arbitrary commands executed on the host, bypassing the Docker container that is supposed to isolate untrusted code from the main system.

CVE-2023-37273 (Auto-GPT before 0.4.3): writable docker-compose.yml mount allows host takeover
Severity: high | Tags: vulnerability, security | Published: Jul 13, 2023

Auto-GPT before 0.4.3 mounts its docker-compose.yml (the file that defines how its containers are built and run) into the container without write protection. If an attacker gets Auto-GPT to run malicious code through the `execute_python_file` or `execute_python_code` commands, that code can overwrite the file, and the attacker gains control of the host the next time Auto-GPT is started.

CVE-2023-36189 (langchain before v0.0.247): SQL injection in SQLDatabaseChain
Severity: high | Tags: vulnerability, security | Published: Jul 6, 2023

A SQL injection flaw exists in langchain versions before v0.0.247 in the SQLDatabaseChain component, which builds and executes SQL queries against the configured database. A remote attacker can use it to read sensitive information from that database.
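Both SQL injection entries on this page (the `/blog?s=` parameter in CVE-2023-3686 and the SQLDatabaseChain issue in CVE-2023-36189) come down to untrusted text reaching the database as SQL. The example below is added here and is not QuickAI's or LangChain's code: `search_vulnerable` splices the parameter into the query text, `search_safe` binds it as a parameter, and `run_model_sql` shows one way to execute model-generated SQL under an SQLite authorizer that permits reads only and blanks a sensitive column. The `posts` and `users` tables, the `api_key` column and every row are constructed for the demonstration.

```python
import sqlite3


def build_demo_db() -> sqlite3.Connection:
    """In-memory database with constructed sample data (nothing here is real)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE posts (id INTEGER PRIMARY KEY, title TEXT, published INTEGER);
        INSERT INTO posts VALUES (1, 'Hello world', 1), (2, 'Draft: unreleased', 0),
                                 (3, 'Hello again', 1);
        CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT, api_key TEXT);
        INSERT INTO users VALUES (1, 'admin@example.test', 'sk-constructed-not-real');
        """
    )
    return conn


def search_vulnerable(conn: sqlite3.Connection, s: str) -> list:
    # Untrusted parameter concatenated into the SQL text: a quote inside s closes the
    # string literal and everything after it is parsed as SQL.
    sql = f"SELECT id, title FROM posts WHERE published = 1 AND title LIKE '%{s}%'"
    return conn.execute(sql).fetchall()


def search_safe(conn: sqlite3.Connection, s: str) -> list:
    # Same query with the value bound as a parameter: s is always data, never SQL.
    sql = "SELECT id, title FROM posts WHERE published = 1 AND title LIKE ?"
    return conn.execute(sql, (f"%{s}%",)).fetchall()


def restrict_to_reads(conn: sqlite3.Connection, hidden_columns=frozenset()) -> None:
    """Install an authorizer so only SELECT/READ (plus scalar functions) are permitted.

    hidden_columns: set of (table, column) pairs that read back as NULL.
    """
    def authorize(action, arg1, arg2, db_name, trigger):
        if action == sqlite3.SQLITE_SELECT:
            return sqlite3.SQLITE_OK
        if action == sqlite3.SQLITE_READ:
            return sqlite3.SQLITE_IGNORE if (arg1, arg2) in hidden_columns else sqlite3.SQLITE_OK
        if action == sqlite3.SQLITE_FUNCTION:
            return sqlite3.SQLITE_OK
        return sqlite3.SQLITE_DENY  # INSERT/UPDATE/DELETE/DROP/PRAGMA/ATTACH and the rest
    conn.set_authorizer(authorize)


def run_model_sql(conn: sqlite3.Connection, generated_sql: str):
    """Execute SQL produced by a model under the authorizer; return (ok, rows_or_error)."""
    try:
        return True, conn.execute(generated_sql).fetchall()
    except sqlite3.DatabaseError as exc:  # "not authorized" surfaces here
        return False, str(exc)


if __name__ == "__main__":
    db = build_demo_db()
    payload = "' OR 1=1 --"
    print(search_vulnerable(db, payload))   # every row, drafts included
    print(search_safe(db, payload))         # no rows: the payload is just a string
    print(search_vulnerable(db, "x' UNION SELECT id, api_key FROM users --"))
    restrict_to_reads(db, hidden_columns={("users", "api_key")})
    print(run_model_sql(db, "SELECT email, api_key FROM users"))
    print(run_model_sql(db, "DELETE FROM posts"))
```

The authorizer is a database-side control, so it holds even when the model emits a statement the application never anticipated; on other engines the equivalent is a dedicated read-only role with column-level grants. It does not prevent disclosure of data the role is allowed to read, which is what CVE-2023-36189 is about, so the set of tables and columns exposed to the chain still has to be kept minimal.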

CVE-2023-36188 (langchain v0.0.64): remote code execution via the PALChain parameter passed to Python exec
Severity: critical | Tags: vulnerability, security | Published: Jul 6, 2023

CVE-2023-36188 is an injection flaw (CWE-74) in langchain version 0.0.64: a remote attacker can execute arbitrary code through the PALChain parameter, whose contents are passed to Python's exec method and therefore interpreted as code.

CVE-2023-36258 (LangChain before 0.0.236): arbitrary code execution through unfiltered os.system, exec and eval
Severity: critical | Tags: vulnerability, security | Published: Jul 3, 2023

CVE-2023-36258 is a code injection flaw (CWE-94) in LangChain before version 0.0.236: Python code containing os.system, exec or eval (all of which run commands or code dynamically) is not filtered out before execution, so an attacker who can supply such code gets arbitrary code execution.
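The LangChain code-execution entries above (CVE-2023-36095, CVE-2023-36188 and CVE-2023-36258) share one pattern: model-produced Python is handed to `exec`. The example below is added here and is not LangChain's code; it shows the kind of guard a chain can put in front of `exec`: an AST walk that rejects imports outside an allowlist, dangerous builtins and dunder attribute access, followed by execution with a cut-down builtins table and a restricted `__import__`. The allowed module set, the blocked name list, the `answer` result variable and both sample snippets are assumptions made for the example.

```python
import ast
import builtins

ALLOWED_MODULES = {"math"}   # assumption: a math-word-problem chain needs nothing else
BLOCKED_NAMES = {"exec", "eval", "compile", "open", "input", "breakpoint",
                 "globals", "locals", "vars", "getattr", "setattr", "delattr"}
SAFE_BUILTIN_NAMES = ("abs", "min", "max", "sum", "len", "range", "round", "int",
                      "float", "str", "bool", "list", "dict", "tuple", "set",
                      "enumerate", "zip", "sorted", "reversed", "print")


def validate_generated_code(code: str) -> list:
    """Return the policy violations found by walking the AST; [] means accepted."""
    try:
        tree = ast.parse(code, mode="exec")
    except SyntaxError as exc:
        return [f"syntax error: {exc.msg}"]
    problems = []
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            for alias in node.names:
                if alias.name.split(".")[0] not in ALLOWED_MODULES:
                    problems.append(f"import {alias.name}")
        elif isinstance(node, ast.ImportFrom):
            if (node.module or "").split(".")[0] not in ALLOWED_MODULES:
                problems.append(f"from {node.module} import ...")
        elif isinstance(node, ast.Name):
            if node.id in BLOCKED_NAMES or node.id.startswith("__"):
                problems.append(f"name {node.id}")
        elif isinstance(node, ast.Attribute):
            if node.attr.startswith("__"):   # __class__, __subclasses__, __globals__, ...
                problems.append(f"attribute {node.attr}")
    return problems


def _restricted_import(name, globals=None, locals=None, fromlist=(), level=0):
    # Second line of defence: even if the AST check missed an import, only allowed modules load.
    if level != 0 or name.split(".")[0] not in ALLOWED_MODULES:
        raise ImportError(f"import of {name!r} is not permitted")
    return builtins.__import__(name, globals, locals, fromlist, level)


def run_generated_code(code: str, result_name: str = "answer"):
    """Validate, then exec with a stripped-down builtins table; return the named result."""
    problems = validate_generated_code(code)
    if problems:
        raise ValueError("rejected generated code: " + ", ".join(problems))
    safe_builtins = {n: getattr(builtins, n) for n in SAFE_BUILTIN_NAMES}
    safe_builtins["__import__"] = _restricted_import
    namespace = {"__builtins__": safe_builtins}
    exec(compile(code, "<generated>", "exec"), namespace)
    return namespace.get(result_name)


def is_rejected(code: str) -> bool:
    """True when the guard refuses to run the code."""
    try:
        run_generated_code(code)
    except ValueError:
        return True
    return False


# Constructed samples of what a PAL-style chain might get back from a model.
BENIGN = """
import math
def solution():
    apples = 23 - 20 + 6
    return math.floor(apples)
answer = solution()
"""
HOSTILE = [
    "import os\nanswer = os.popen('id').read()",
    "answer = __import__('os').system('id')",
    "answer = ().__class__.__bases__[0].__subclasses__()",
    "answer = eval('1+1')",
    "answer = open('/etc/passwd').read()",
]

if __name__ == "__main__":
    print("benign ->", run_generated_code(BENIGN))
    for snippet in HOSTILE:
        print("rejected:", validate_generated_code(snippet))
```

This is hardening, not a sandbox: CPython offers no reliable in-process isolation, so model-generated code that must run at all belongs in a separate container or VM as well, as the Auto-GPT entries on this page illustrate. What the AST check buys is that the obvious payloads become loud, loggable rejections instead of silent execution.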

CVE-2023-34541 (Langchain 0.0.171): arbitrary code execution in load_prompt
Severity: critical | Tags: vulnerability, security | Published: Jun 20, 2023

Langchain version 0.0.171 is vulnerable to arbitrary code execution through its load_prompt function. The source record, published in June 2023, gives no detail on how the flaw is triggered and no severity rating; the critical rating shown is this tracker's tag.

CVE-2023-34540 (Langchain before v0.0.225): remote code execution in JiraAPIWrapper
Severity: critical | Tags: vulnerability, security | Published: Jun 14, 2023

Langchain before v0.0.225 contains a remote code execution flaw in the JiraAPIWrapper component: specially crafted input that reaches the wrapper leads to arbitrary code execution.

CVE-2023-34239 (Gradio): unauthorized file access from missing path filtering and unrestricted proxying
Severity: high | Tags: vulnerability, security | Published: Jun 8, 2023

Gradio, an open-source Python library for building machine learning and data science apps, does not filter file paths properly and does not restrict which URLs it will proxy (fetch on the client's behalf). Together these allow unauthorized file access; the root cause is missing input validation on the paths and URLs the library accepts.

CVE-2023-34094 (ChuanhuChatGPT 20230526 and earlier): unauthenticated read of config.json exposes API keys
Severity: high | Tags: vulnerability, security | Published: Jun 2, 2023

ChuanhuChatGPT (a graphical interface for ChatGPT and other large language models) in versions 20230526 and earlier lets anyone fetch config.json, the file holding the deployment's settings, when authentication is disabled. Because that file stores the API keys used for external services, an attacker can steal those credentials.

CVE-2023-33979 (gpt_academic 3.37 and earlier): sensitive file read via the /file route
Severity: medium | Tags: vulnerability, security | Published: May 31, 2023

gpt_academic (a graphical interface for ChatGPT/GLM) in versions 3.37 and earlier serves files through the `/file` route without protecting any of them, so the Configuration File Handler lets an attacker read sensitive files from the working directory, including configuration, and leaks that information to users who should not have it.
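Four entries above turn on the same missing check: Auto-GPT's `execute_python_code` (CVE-2023-37274), Gradio's file access (CVE-2023-34239), gpt_academic's `/file` route (CVE-2023-33979) and MLflow's absolute path traversal (CVE-2023-3765) all use a caller-supplied path without confirming that it stays inside the intended directory. The example below is added here and is not any of those projects' code; it resolves the path first and then tests containment component-wise, which covers `../` segments, absolute paths and symlinks in one place. The workspace layout, file names and probe paths are constructed for the demonstration.

```python
import os
import tempfile
from pathlib import Path


class PathEscape(ValueError):
    """Raised when a user-supplied path resolves outside the permitted directory."""


def resolve_inside(base: Path, user_path: str) -> Path:
    """Join user_path onto base and return the real path only if it stays under base.

    resolve() canonicalises '..' segments, absolute paths (which pathlib would otherwise
    let replace base entirely) and symlinks before the containment check runs.
    """
    real_base = base.resolve()
    target = (real_base / user_path).resolve()
    try:
        # Component-wise check; a string prefix test would accept '/srv/ws-evil' for base '/srv/ws'.
        target.relative_to(real_base)
    except ValueError:
        raise PathEscape(f"{user_path!r} resolves to {target}, outside {real_base}") from None
    return target


def read_workspace_file(base: Path, user_path: str) -> str:
    return resolve_inside(base, user_path).read_text()


def write_workspace_file(base: Path, user_path: str, content: str) -> Path:
    target = resolve_inside(base, user_path)
    target.write_text(content)
    return target


def _attempt(fn, *args):
    try:
        return fn(*args)
    except PathEscape:
        return "blocked"


def demo() -> dict:
    """Exercise the guard on a throwaway workspace; returns the outcome of each probe."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        ws = root / "workspace"
        ws.mkdir()
        (ws / "notes.txt").write_text("inside")
        (root / "secret.txt").write_text("outside")   # stands in for a host file
        results["plain"] = _attempt(read_workspace_file, ws, "notes.txt")
        results["dotdot"] = _attempt(read_workspace_file, ws, "../secret.txt")
        results["nested_dotdot"] = _attempt(read_workspace_file, ws, "sub/../../secret.txt")
        results["absolute"] = _attempt(read_workspace_file, ws, str(root / "secret.txt"))
        try:
            os.symlink(root / "secret.txt", ws / "link.txt")
            results["symlink"] = _attempt(read_workspace_file, ws, "link.txt")
        except OSError:
            results["symlink"] = "symlink unsupported"
        results["write_escape"] = _attempt(write_workspace_file, ws, "../../evil.py", "print('x')")
        written = _attempt(write_workspace_file, ws, "out/../run.py", "print('x')")
        results["write_inside"] = written.name if isinstance(written, Path) else written
    return results


if __name__ == "__main__":
    for probe, outcome in demo().items():
        print(f"{probe:14} -> {outcome}")
```

For a file-serving route the same function decides what may be read; for an agent workspace it decides what may be written. The decision has to come after `resolve()`: a check on the raw string is defeated by symlinks and by `a/../../` sequences, and a check on `base / user_path` before resolving never sees that an absolute `user_path` discarded `base`.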

Page 84 of 109
Source: NVD/CVE Database

Fix notes (by CVE):

CVE-2023-38896: A patch is available at https://github.com/hwchase17/langchain/pull/6003. Users should update langchain to a version after v0.0.194.

CVE-2023-27506: Update Intel Optimization for TensorFlow to version 2.12 or later.

CVE-2023-4033: Update MLflow to version 2.6.0 or later. A patch is available at https://github.com/mlflow/mlflow/commit/6dde93758d42455cb90ef324407919ed67668b9b

CVE-2023-3765: Upgrade to MLflow version 2.5.0 or later. A patch is available at https://github.com/mlflow/mlflow/commit/6dde93758d42455cb90ef324407919ed67668b9b. The same commit is cited for both MLflow entries; verify it against the MLflow release notes before relying on it.

CVE-2023-37275: The issue has been patched in release version 0.4.3.

CVE-2023-37274: The issue has been patched in version 0.4.3. As a workaround, run Auto-GPT in a virtual machine or another environment in which damage to files or corruption of the program is not a critical problem.

CVE-2023-37273: Update to Auto-GPT version 0.4.3 or later, as the issue has been patched in that version.

CVE-2023-36189: Update langchain to version v0.0.247 or later.

CVE-2023-36188: A patch is available at https://github.com/hwchase17/langchain/pull/6003

CVE-2023-36258: Upgrade LangChain to version 0.0.236 or later.

CVE-2023-34540: Update Langchain to v0.0.225 or later; the fix ships in release v0.0.225.

CVE-2023-34239: Users are advised to upgrade Gradio to version 3.34.0. The source notes there are no known workarounds for this vulnerability.

CVE-2023-34094: The vulnerability has been fixed in commit bfac445. As a workaround, enabling access authentication (so that only logged-in users can reach the application) mitigates the issue.

CVE-2023-33979: A patch is available at commit 1dcc2873d2168ad2d3d70afcb453ac1695fbdf02. As a workaround, configure the project through environment variables instead of `config*.py` files, or use the docker-compose installation (which configures the project without those files).