EUVD-2024-47196

Malicious code in bioql PyPI...

EUVD-2025-6872

Malicious code in bioql PyPI...

EUVD-2025-7102

Malicious code in bioql PyPI...

EUVD-2024-46970

Malicious code in bioql PyPI...

EUVD-2024-0024

Malicious code in bioql PyPI...

CVE-2024-3402

A stored Cross-Site Scripting XSS vulnerability existed in version 20240121 of gaizhenbiao/chuanhuchatgpt due to inadequate sanitization and validation of model output data. Despite user-input validation efforts, the application fails to properly sanitize or validate the output from the model,...

CVE-2023-34094

ChuanhuChatGPT is a graphical user interface for ChatGPT and many large language models. A vulnerability in versions 20230526 and prior allows unauthorized access to the config.json file of the privately deployed ChuanghuChatGPT project, when authentication is not configured. The attacker can...

ChuanhuChatGPT Denial of Service Vulnerability

ChuanhuChatGPT is an application that provides a lightweight and easy-to-use web GUI and many additional features for a wide range of LLMs such as ChatGPT. A denial of service vulnerability exists in ChuanhuChatGPT version 20240918, which can be exploited by an attacker to cause the system to...

ChuanhuChatGPT HTML Injection Vulnerability

ChuanhuChatGPT is an application that provides a lightweight and easy-to-use web GUI and many additional features for a wide range of LLMs such as ChatGPT. An HTML injection vulnerability exists in chuanhuchatgpt version 20b2e02, which stems from improper HTML tag cleanup in chat history uploads,...

ChuanhuChatGPT File Containment Vulnerability

ChuanhuChatGPT is an application that provides a lightweight and easy-to-use web GUI and many additional features for a wide range of LLMs such as ChatGPT. A file inclusion vulnerability exists in ChuanhuChatGPT version d4ec6a3, which stems from the gr.JSON component not effectively filtering cal...

ChuanhuChatGPT Resource Management Error Vulnerability

ChuanhuChatGPT is an application that provides a lightweight and easy-to-use web GUI and many additional features for a wide range of LLMs such as ChatGPT. A resource management error vulnerability exists in ChuanhuChatGPT version 20240914, which stems from improper handling of large file names i...

ChuanhuChatGPT Cross-Site Scripting Vulnerability

ChuanhuChatGPT is an application that provides a lightweight and easy-to-use web GUI and many additional features for a wide range of LLMs such as ChatGPT. ChuanhuChatGPT suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping o...

ChuanhuChatGPT server-side request forgery vulnerability

ChuanhuChatGPT is an application that provides a lightweight and easy-to-use web GUI and many additional features for a wide range of LLMs such as ChatGPT. A server-side request forgery vulnerability exists in ChuanhuChatGPT version 20240914, which stems from a vulnerability that allows a respons...

ChuanhuChatGPT Access Control Error Vulnerability

ChuanhuChatGPT is an application that provides a lightweight and easy-to-use web GUI and many additional features for a wide range of LLMs such as ChatGPT. An access control error vulnerability exists in ChuanhuChatGPT version 20240802, which stems from improper handling of session data and lack ...

ChuanhuChatGPT Authorization Issue Vulnerability

ChuanhuChatGPT is an application that provides a lightweight and easy-to-use web GUI and many additional features for a wide range of LLMs such as ChatGPT. An authorization issue vulnerability exists in the ChuanhuChatGPT c91dbfc version, which stems from the reboot server feature not being check...

ChuanhuChatGPT Denial of Service Vulnerability (CNVD-2025-06188)

ChuanhuChatGPT is an application that provides a lightweight and easy-to-use web GUI and many additional features for a wide range of LLMs such as ChatGPT. ChuanhuChatGPT suffers from a denial of service vulnerability that stems from the use of an insecure regular expression. An attacker can...

ChuanhuChatGPT Security Bypass Vulnerability

ChuanhuChatGPT is an application that provides a lightweight and easy-to-use web GUI and many additional features for a wide range of LLMs such as ChatGPT. ChuanhuChatGPT suffers from a security bypass vulnerability that originates when a username is provided via a client-side HTTP request, which...

CVE-2025-0191

A Denial of Service DoS vulnerability exists in the file upload feature of gaizhenbiao/chuanhuchatgpt version 20240914. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. By sending a payload with an excessively large filename, the server...

CVE-2024-10650

An unauthenticated Denial of Service DoS vulnerability was identified in ChuanhuChatGPT version 20240918, which could be exploited by sending large data payloads using a multipart boundary. Although a patch was applied for CVE-2024-7807, the issue can still be exploited by sending data in groups...

CVE-2024-9216

An authentication bypass vulnerability exists in gaizhenbiao/ChuanhuChatGPT, as of commit 3856d4f, allowing any user to read and delete other users' chat history. The vulnerability arises because the username is provided via an HTTP request from the client side, rather than being read from a secu...