EUVD-2025-208739

HCL AION is affected by a vulnerability where model packaging and distribution mechanisms may not include sufficient authenticity verification. This may allow the possibility of unverified or modified model artifacts being used, potentially leading to integrity concerns or unintended behaviour...

CVE-2025-52645 HCL AION is affected by a vulnerability where model packaging and distribution mechanisms may not include sufficient authenticity verification.

HCL AION is affected by a vulnerability where model packaging and distribution mechanisms may not include sufficient authenticity verification. This may allow the possibility of unverified or modified model artifacts being used, potentially leading to integrity concerns or unintended behaviour...

CVE-2025-52645

CVE-2025-52645 — HCL AION : The vulnerability concerns model packaging and distribution that may lack sufficient authenticity verification, allowing unverified or modified model artifacts and potential integrity concerns or unintended behavior. Affected product: HCL AION (AI lifecycle management ...

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature via the VerifyBundle function in the verify.go file. An attacker can bypass artifact integrity checks by crafting a bundle that includes any arbitrary Rekor entry, allowing successful...

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature via the VerifyBundle function in the verify.go file. An attacker can bypass artifact integrity checks by crafting a bundle that includes any arbitrary Rekor entry, allowing successful...

EUVD-2025-0212

Malicious code in bioql PyPI...