CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-12866 – Local File Inclusion in netease-youdao/qanything
https://notcve.org/view.php?id=CVE-2024-12866
20 Mar 2025 — This vulnerability allows an attacker to read arbitrary files on the file system, which can lead to remote code execution by retrieving private SSH keys, reading private files, source code, and configuration files. • https://huntr.com/bounties/c23da7c7-a226-40a2-83db-6a8ab1b2ef64 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-5752 – Path Traversal in stitionai/devika
https://notcve.org/view.php?id=CVE-2024-5752
20 Mar 2025 — This can lead to arbitrary file overwrite when the application generates code and saves it to the specified project directory, potentially resulting in remote code execution. • https://github.com/stitionai/devika/commit/6acce21fb08c3d1123ef05df6a33912bf0ee77c2 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-8958 – Unrestricted File Write and Read in composiohq/composio
https://notcve.org/view.php?id=CVE-2024-8958
20 Mar 2025 — Due to improper validation of file paths, an attacker can read and write files anywhere on the server, potentially leading to privilege escalation or remote code execution. • https://huntr.com/bounties/e152b094-0593-428e-b813-068d2390ce68 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.6EPSS: 0%CPEs: -EXPL: 0CVE-2024-7053 – Session Fixation in open-webui/open-webui
https://notcve.org/view.php?id=CVE-2024-7053
20 Mar 2025 — This can lead to a stealthy administrator account takeover, potentially resulting in remote code execution (RCE) due to the elevated privileges of administrator accounts. • https://huntr.com/bounties/947f8191-0abf-4adf-b7c4-d4c19683aba2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-7806 – Remote Code Execution by Non-Admin Users via CSRF in open-webui/open-webui
https://notcve.org/view.php?id=CVE-2024-7806
20 Mar 2025 — A vulnerability in open-webui/open-webui versions <= 0.3.8 allows remote code execution by non-admin users via Cross-Site Request Forgery (CSRF). ... This allows an attacker to craft a malicious HTML that, when accessed by a victim, can modify the Python code of an existing pipeline and execute arbitrary code with the victim's privileges. • https://huntr.com/bounties/9350a68d-5f33-4b3d-988b-81e778160ab8 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.0EPSS: 0%CPEs: -EXPL: 0CVE-2025-1040 – Server-Side Template Injection (SSTI) in significant-gravitas/autogpt
https://notcve.org/view.php?id=CVE-2025-1040
20 Mar 2025 — AutoGPT versions 0.3.4 and earlier are vulnerable to a Server-Side Template Injection (SSTI) that could lead to Remote Code Execution (RCE). The vulnerability arises from the improper handling of user-supplied format strings in the `AgentOutputBlock` implementation, where malicious input is passed to the Jinja2 templating engine without adequate security measures. • https://github.com/significant-gravitas/autogpt/commit/6dba31e0215549604bdcc1aed24e3a1714e75ee2 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-12450 – RCE, Full Read SSRF, and Arbitrary File Read in infiniflow/ragflow
https://notcve.org/view.php?id=CVE-2024-12450
20 Mar 2025 — Furthermore, the use of an outdated Chromium headless version with --no-sandbox mode enabled makes the application susceptible to Remote Code Execution (RCE) via known Chromium v8 vulnerabilities. • https://github.com/infiniflow/ragflow/commit/3faae0b2c2f8a26233ee1442ba04874b3406f6e9 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.7EPSS: 0%CPEs: -EXPL: 0CVE-2024-7034 – Remote Code Execution due to Arbitrary File Write in open-webui/open-webui
https://notcve.org/view.php?id=CVE-2024-7034
20 Mar 2025 — This can lead to unauthorized modifications of system binaries, configuration files, or sensitive data, potentially enabling remote command execution. • https://huntr.com/bounties/711beada-10fe-4567-9278-80a689da8613 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-10954 – Prompt Injection Leading to RCE in binary-husky/gpt_academic Plugin `manim`
https://notcve.org/view.php?id=CVE-2024-10954
20 Mar 2025 — The root cause is the execution of untrusted code generated by the LLM without a proper sandbox. This allows an attacker to perform remote code execution (RCE) on the app backend server by injecting malicious code through the prompt. • https://huntr.com/bounties/72d034e3-6ca2-495d-98a7-ac9565588c09 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-11958 – SQL Injection in run-llama/llama_index
https://notcve.org/view.php?id=CVE-2024-11958
20 Mar 2025 — A SQL injection vulnerability exists in the `duckdb_retriever` component of the run-llama/llama_index repository, specifically in the latest version. The vulnerability arises from the construction of SQL queries without using prepared statements, allowing an attacker to inject arbitrary SQL code. This can lead to remote code execution (RCE) by installing the shellfs extension and executing malicious commands. • https://github.com/run-llama/llama_index/commit/35bd221e948e40458052d30c6ef2779bc965b6d0 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •