AI Security Threat Feed

LiteLLM Has an Improper Authorization Vulnerability

Open WebUI Unauthenticated Multipart Boundary Denial of Service (DoS) Vulnerability

LiteLLM Reveals Portion of API Key via a Logging File

vLLM deserialization vulnerability in vllm.distributed.GroupCoordinator.recv_object

LiteLLM Vulnerable to Denial of Service (DoS) via Crafted HTTP Request

Open WebUI denial of service through endpoint for converting markdown

Open WebUI stored cross-site scripting (XSS) vulnerability

Open WebUI lacks authentication for the `api/v1/utils/pdf` endpoint

Open WebUI allows Remote Code Execution via Arbitrary File Upload to /audio/api/v1/transcriptions

PyTorch Lightning denial of service vulnerability

Open WebUI Vulnerable to Cross-Site Request Forgery (CSRF)

Open Neural Network Exchange (ONNX) Path Traversal Vulnerability

Open WebUI Vulnerable to a Session Fixation Attack

Open WebUI Has Improper Access Control Leading to Arbitrary Prompt Read

Open WebUI Cross-Site Request Forgery (CSRF) Vulnerability

Open WebUI Allows Viewing of Admin Details

PyTorch Lightning path traversal vulnerability

Open WebUI Unauthenticated Multipart Boundary Denial of Service (DoS) Vulnerability in api/chat/file

Open WebUI Allows Admin Deletion via API Endpoint

Open WebUI Allows Arbitrary File Write via the `/models/upload` Endpoint

Open WebUI Allows Arbitrary File Reading and Deletion

Open WebUI Vulnerable to Cross-Site Scripting (XSS) via Chat File Upload

LoLLMS Code Injection vulnerability

Open WebUI Uncontrolled Resource Consumption vulnerability

LiteLLM Vulnerable to Remote Code Execution (RCE)

Open WebUI Allows Arbitrary File Write via the `download_model` Endpoint

LlamaIndex Uncontrolled Resource Consumption vulnerability

Open WebUI has vulnerable dependency on starlette via fastapi

BentoML vulnerable to Uncontrolled Resource Consumption

Open WebUI Uncontrolled Resource Consumption vulnerability

Open WebUI Uncontrolled Resource Consumption vulnerability

BentoML Open Redirect vulnerability

LlamaIndex Retrievers Integration: DuckDBRetriever SQL Injection

H2O Vulnerable to Denial of Service (DoS) and File Write

In mlflow/mlflow version 2.18, an admin is able to create a new user account without setting a password. This vulnerability could lead to security risks, as accounts without passwords may be...

A Cross-Site Request Forgery (CSRF) vulnerability exists in the Signup feature of mlflow/mlflow versions 2.17.0 to 2.20.1. This vulnerability allows an attacker to create a new account, which may be...

In mlflow/mlflow version 2.17.2, the `/graphql` endpoint is vulnerable to a denial of service attack. An attacker can create large batches of queries that repeatedly request all runs from a given...

A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to upload and create a customized GGUF model file on the Ollama server. This can lead to a division by zero error in the...

A vulnerability in ollama/ollama <=0.3.14 allows a malicious user to create a customized GGUF model file, upload it to the Ollama server, and create it. This can cause the server to allocate...

A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to create a customized GGUF model file that, when uploaded and created on the Ollama server, can cause a crash due to an...

A Denial of Service (DoS) vulnerability was discovered in the file upload feature of gradio-app/gradio version 0.39.1. The vulnerability is due to improper handling of form-data with a large filename...

A deserialization vulnerability exists in BentoML's runner server in bentoml/bentoml versions <=1.3.4.post1. By setting specific parameters, an attacker can execute unauthorized arbitrary code on the...

BentoML version v1.3.4post1 is vulnerable to a Denial of Service (DoS) attack. The vulnerability can be exploited by appending characters, such as dashes (-), to the end of a multipart boundary in an...

vllm-project vllm version 0.6.0 contains a vulnerability in the AsyncEngineRPCServer() RPC server entrypoints. The core functionality run_server_loop() calls the function _make_handler_coro(), which...

A vulnerability in the file upload process of gradio-app/gradio version @gradio/video@0.10.2 allows for a Denial of Service (DoS) attack. An attacker can append a large number of characters to the...

A path traversal vulnerability exists in mlflow/mlflow version 2.15.1. When users configure and use the dbfs service, concatenating the URL directly into the file protocol results in an arbitrary...

A divide by zero vulnerability exists in ollama/ollama version v0.3.3. The vulnerability occurs when importing GGUF models with a crafted type for `block_count` in the Modelfile. This can lead to a...

An open redirect vulnerability exists in the latest version of gradio-app/gradio. The vulnerability allows an attacker to redirect users to a malicious website by URL encoding. This can be exploited...

The `/openai/models` endpoint in open-webui/open-webui version 0.3.8 is vulnerable to Server-Side Request Forgery (SSRF). An attacker can change the OpenAI URL to any URL without checks, causing the...

In mlflow/mlflow version v2.13.2, a vulnerability exists that allows the creation or renaming of an experiment with a large number of integers in its name due to the lack of a limit on the experiment...