AI Security Threat Feed
Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.
Latest AI Security Threats
Showing 50 of 973 results
CVE-2025-30370 (no patch) jupyterlab-git has a command injection vulnerability in "Open Git Repository in Terminal"
CVE-2025-3136 A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0. This issue affects the function torch.cuda.memory.caching_allocator_delete of the file...
CVE-2025-3121 A vulnerability classified as problematic has been found in PyTorch 2.6.0. Affected is the function torch.jit.jit_module_from_flatbuffer. The manipulation leads to memory corruption. Local access is...
CVE-2025-31843 Missing Authorization vulnerability in Wilson OpenAI Tools for WordPress & WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects OpenAI Tools for...
CVE-2025-3001 A vulnerability classified as critical was found in PyTorch 2.6.0. This vulnerability affects the function torch.lstm_cell. The manipulation leads to memory corruption. The attack needs to be...
CVE-2025-3000 A vulnerability classified as critical has been found in PyTorch 2.6.0. This affects the function torch.jit.script. The manipulation leads to memory corruption. It is possible to launch the attack on...
CVE-2025-2999 A vulnerability was found in PyTorch 2.6.0. It has been rated as critical. Affected by this issue is the function torch.nn.utils.rnn.unpack_sequence. The manipulation leads to memory corruption....
CVE-2025-2998 A vulnerability was found in PyTorch 2.6.0. It has been declared as critical. Affected by this vulnerability is the function torch.nn.utils.rnn.pad_packed_sequence. The manipulation leads to memory...
CVE-2025-2953 A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by this issue is the function torch.mkldnn_max_pool2d. The manipulation leads to denial of...
CVE-2025-30358 Mesop is a Python-based UI framework that allows users to build web applications. A class pollution vulnerability in Mesop prior to version 0.14.1 allows attackers to overwrite global variables and...
CVE-2024-12029 InvokeAI Deserialization of Untrusted Data vulnerability
CVE-2025-0330 LiteLLM Has a Leakage of Langfuse API Keys
GHSA-5ccf-884p-4jjq Open WebUI Unauthenticated Multipart Boundary Denial of Service (DoS) Vulnerability
CVE-2024-9052 vLLM deserialization vulnerability in vllm.distributed.GroupCoordinator.recv_object
CVE-2024-7990 Open WebUI stored cross-site scripting (XSS) vulnerability
CVE-2024-8053 Open WebUI lacks authentication for the `api/v1/utils/pdf` endpoint
CVE-2024-7983 Open WebUI denial of service through endpoint for converting markdown
CVE-2024-8020 PyTorch Lightning denial of service vulnerability
CVE-2024-7046 Open WebUI Allows Viewing of Admin Details
CVE-2024-7035 Open WebUI Vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2024-7045 Open WebUI Has Improper Access Control Leading to Arbitrary Prompt Read
CVE-2024-7053 Open WebUI Vulnerable to a Session Fixation Attack
CVE-2024-7034 Open WebUI Allows Arbitrary File Write via the `/models/upload` Endpoint
CVE-2024-7036 Open WebUI Uncontrolled Resource Consumption vulnerability
CVE-2024-7039 Open WebUI Allows Admin Deletion via API Endpoint
CVE-2024-7043 Open WebUI Allows Arbitrary File Reading and Deletion
CVE-2024-7044 Open WebUI Vulnerable to Cross-Site Scripting (XSS) via Chat File Upload
CVE-2024-6825 LiteLLM Vulnerable to Remote Code Execution (RCE)
CVE-2024-7033 Open WebUI Allows Arbitrary File Write via the `download_model` Endpoint
GHSA-w466-2wfc-8g58 Open WebUI has vulnerable dependency on starlette via fastapi
CVE-2024-12537 Open WebUI Uncontrolled Resource Consumption vulnerability
GHSA-564p-rx2q-4c8v BentoML Open Redirect vulnerability
CVE-2024-12534 Open WebUI Uncontrolled Resource Consumption vulnerability
GHSA-hh3j-9m59-p8vc BentoML vulnerable to Uncontrolled Resource Consumption
CVE-2024-11958 LlamaIndex Retrievers Integration: DuckDBRetriever SQL Injection
CVE-2024-10572 H2O Vulnerable to Denial of Service (DoS) and File Write
CVE-2025-1474 In mlflow/mlflow version 2.18, an admin is able to create a new user account without setting a password. This vulnerability could lead to security risks, as accounts without passwords may be...
CVE-2025-1473 A Cross-Site Request Forgery (CSRF) vulnerability exists in the Signup feature of mlflow/mlflow versions 2.17.0 to 2.20.1. This vulnerability allows an attacker to create a new account, which may be...
CVE-2025-0453 In mlflow/mlflow version 2.17.2, the `/graphql` endpoint is vulnerable to a denial of service attack. An attacker can create large batches of queries that repeatedly request all runs from a given...
CVE-2025-0317 A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to upload and create a customized GGUF model file on the Ollama server. This can lead to a division by zero error in the...
CVE-2025-0315 A vulnerability in ollama/ollama <=0.3.14 allows a malicious user to create a customized GGUF model file, upload it to the Ollama server, and create it. This can cause the server to allocate...
CVE-2025-0312 A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to create a customized GGUF model file that, when uploaded and created on the Ollama server, can cause a crash due to an...
CVE-2025-0187 A Denial of Service (DoS) vulnerability was discovered in the file upload feature of gradio-app/gradio version 0.39.1. The vulnerability is due to improper handling of form-data with a large filename...
CVE-2024-9070 A deserialization vulnerability exists in BentoML's runner server in bentoml/bentoml versions <=1.3.4.post1. By setting specific parameters, an attacker can execute unauthorized arbitrary code on the...
CVE-2024-9056 BentoML version v1.3.4post1 is vulnerable to a Denial of Service (DoS) attack. The vulnerability can be exploited by appending characters, such as dashes (-), to the end of a multipart boundary in an...
CVE-2024-9053 vllm-project vllm version 0.6.0 contains a vulnerability in the AsyncEngineRPCServer() RPC server entrypoints. The core functionality run_server_loop() calls the function _make_handler_coro(), which...
CVE-2024-8966 A vulnerability in the file upload process of gradio-app/gradio version @gradio/video@0.10.2 allows for a Denial of Service (DoS) attack. An attacker can append a large number of characters to the...
CVE-2024-8859 A path traversal vulnerability exists in mlflow/mlflow version 2.15.1. When users configure and use the dbfs service, concatenating the URL directly into the file protocol results in an arbitrary...
CVE-2024-8063 A divide by zero vulnerability exists in ollama/ollama version v0.3.3. The vulnerability occurs when importing GGUF models with a crafted type for `block_count` in the Modelfile. This can lead to a...
CVE-2024-8021 An open redirect vulnerability exists in the latest version of gradio-app/gradio. The vulnerability allows an attacker to redirect users to a malicious website by URL encoding. This can be exploited...