CVE-2026-31219

The loadmodel function in the neuralmagictraining.py script of the optimate project in commit a6d302f912b481c94370811af6b11402f51d377f 2024-07-21 is vulnerable to insecure deserialization CWE-502. When a user provides a single model file path e.g., .pt or .pth via the --model command-line argumen...

CVE-2026-31217

The loadmodel function in the neuralmagictraining.py script of the optimate project in commit a6d302f912b481c94370811af6b11402f51d377f 2024-07-21 allows arbitrary code execution. When a user supplies a directory path via the --model command-line argument, the function reads a module.py file from...

CVE-2026-31217

The loadmodel function in the neuralmagictraining.py script of the optimate project in commit a6d302f912b481c94370811af6b11402f51d377f 2024-07-21 allows arbitrary code execution. When a user supplies a directory path via the --model command-line argument, the function reads a module.py file from...

OptiMate 安全漏洞

OptiMate is an AI model optimization tool library developed by Nebuly. There is a security vulnerability in OptiMate. This vulnerability stems from the loadmodel function in the neuralmagictraining.py script, which directly executes the content of the module.py file located in the user-provided...

OptiMate 安全漏洞

OptiMate is an AI model optimization tool library developed by Nebuly. There is a security vulnerability in OptiMate. This vulnerability stems from the loadmodel function in the neuralmagictraining.py script, which loads the statedict.pt file using torch.load, without enabling the weightsonly=Tru...

CVE-2026-31218

The loadmodel function in the neuralmagictraining.py script of the optimate project in commit a6d302f912b481c94370811af6b11402f51d377f 2024-07-21 is vulnerable to insecure deserialization CWE-502. When loading a model state dictionary from a statedict.pt file via torch.load, the function does not...

EUVD-2025-4048

Malicious code in bioql PyPI...

CVE-2025-25136

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in shujahat21 Optimate Ads optimate-ads allows Stored XSS.This issue affects Optimate Ads: from n/a through = 1.0.3...

CVE-2025-25136

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in shujahat21 Optimate Ads optimate-ads allows Stored XSS.This issue affects Optimate Ads: from n/a through = 1.0.3...

CVE-2025-25136 WordPress Optimate Ads plugin <= 1.0.3 - Cross-Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in shujahat21 Optimate Ads allows Stored XSS. This issue affects Optimate Ads: from n/a through 1.0.3...

CVE-2025-25136

CVE-2025-25136 is a stored Cross‑Site Scripting (XSS) vulnerability in the WordPress plugin “Optimate Ads” (versions up to 1.0.3, per multiple sources). The issue is described as improper neutralization of input during web page generation, enabling stored XSS. Public advisories indicate a MEDIUM ...

WordPress plugin Optimate Ads 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

WordPress Optimate Ads plugin <= 1.0.3 - Cross-Site Scripting (XSS) vulnerability

Cross-Site Scripting XSS vulnerability discovered by Abdi Pranata in WordPress Plugin Optimate Ads versions = 1.0.3...