Lucene search
+L

86 matches found

CNNVD
CNNVD
added 2026/04/20 12:0 a.m.8 views

FastChat 安全漏洞

FastChat is an open-source platform developed by LMSYS for training, deploying, and evaluating chatbots based on large language models. Versions of FastChat prior to 0.2.36 contain security vulnerabilities. These vulnerabilities stem from incorrect operations on the addtext function in the Arena...

6.9CVSS6.1AI score0.00308EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.13 views

PT-2026-33713

Name of the Vulnerable Software and Affected Versions lm-sys fastchat versions prior to 0.2.37 Description A flaw in the Worker API Endpoint allows remote attackers to cause resource consumption through the manipulation of the api generate function. Recommendations Install the patch provided in...

6.9CVSS6.2AI score0.00623EPSS
Exploits0References16
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.15 views

FastChat 安全漏洞

FastChat is an open-source platform developed by LMSYS for training, deploying, and evaluating chatbots based on large language models. Versions of FastChat prior to 0.2.36 contain security vulnerabilities, which stem from incorrect operations on the apigenerate function within the Worker API...

6.9CVSS6AI score0.00623EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.11 views

PT-2026-33714

Name of the Vulnerable Software and Affected Versions lm-sys fastchat versions prior to 0.2.37 Description Remote Code Execution is possible in the Arena Side-by-Side View Handler component via the add text function. Manipulation of this function results in incorrect control flow, allowing an...

6.9CVSS6.2AI score0.00308EPSS
Exploits0References15
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-7063

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.0077EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-7062

Malicious code in bioql PyPI...

7.5CVSS7.7AI score0.00588EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-7033

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00646EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2025-7008

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00703EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-11794

Malicious code in bioql PyPI...

5.3CVSS5.6AI score0.00179EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-33573

Malicious code in bioql PyPI...

9.3CVSS9.3AI score0.00511EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/04/26 12:15 a.m.7 views

CVE-2025-3677

A vulnerability classified as critical was found in lm-sys fastchat up to 0.2.36. This vulnerability affects the function splitfiles/applydeltalowcpumem of the file fastchat/model/applydelta.py. The manipulation leads to deserialization. An attack has to be approached locally...

5.3CVSS7AI score0.00179EPSS
Exploits0References1
NVD
NVD
added 2025/04/16 9:15 a.m.32 views

CVE-2025-3677

A vulnerability classified as critical was found in lm-sys fastchat up to 0.2.36. This vulnerability affects the function splitfiles/applydeltalowcpumem of the file fastchat/model/applydelta.py. The manipulation leads to deserialization. An attack has to be approached locally...

5.3CVSS0.00179EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/04/16 8:31 a.m.22 views

CVE-2025-3677 lm-sys fastchat apply_delta.py apply_delta_low_cpu_mem deserialization

A vulnerability classified as critical was found in lm-sys fastchat up to 0.2.36. This vulnerability affects the function splitfiles/applydeltalowcpumem of the file fastchat/model/applydelta.py. The manipulation leads to deserialization. An attack has to be approached locally...

5.3CVSS0.00179EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/04/16 8:31 a.m.4 views

CVE-2025-3677 lm-sys fastchat apply_delta.py apply_delta_low_cpu_mem deserialization

A vulnerability classified as critical was found in lm-sys fastchat up to 0.2.36. This vulnerability affects the function splitfiles/applydeltalowcpumem of the file fastchat/model/applydelta.py. The manipulation leads to deserialization. An attack has to be approached locally...

5.3CVSS5.4AI score0.00179EPSS
Exploits0References4
CVE
CVE
added 2025/04/16 8:31 a.m.70 views

CVE-2025-3677

CVE-2025-3677 affects lm-sys fastchat up to 0.2.36. A vulnerability in fastchat/model/apply_delta.py -> split_files/apply_delta_low_cpu_mem allows deserialization when manipulated locally. The connected docs specify a local-access exploitation vector; no exploit details are provided and no rem...

5.3CVSS5.4AI score0.00179EPSS
Exploits0References4
OSV
OSV
added 2025/04/16 8:31 a.m.4 views

CVE-2025-3677 lm-sys fastchat apply_delta.py apply_delta_low_cpu_mem deserialization

A vulnerability classified as critical was found in lm-sys fastchat up to 0.2.36. This vulnerability affects the function splitfiles/applydeltalowcpumem of the file fastchat/model/applydelta.py. The manipulation leads to deserialization. An attack has to be approached locally...

4.8CVSS5.7AI score0.00179EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/04/16 12:0 a.m.4 views

FastChat 代码问题漏洞

FastChat is an open source platform from LMSYS for training, deploying and evaluating chatbots based on large language models. A code issue vulnerability exists in FastChat version 0.2.36 and earlier, which stems from a deserialization issue in the splitfiles/applydeltalowcpumem function in the...

5.3CVSS5.7AI score0.00179EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/03/22 1:4 p.m.9 views

CVE-2024-10908

An open redirect vulnerability in lm-sys/fastchat Release v0.2.36 allows a remote unauthenticated attacker to redirect users to arbitrary websites via a specially crafted URL. This can be exploited for phishing attacks, malware distribution, and credential theft...

6.1CVSS7.1AI score0.0077EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/03/22 12:27 p.m.7 views

CVE-2024-12376

A Server-Side Request Forgery SSRF vulnerability was identified in the lm-sys/fastchat web server, specifically in the affected version git 2c68a13. This vulnerability allows an attacker to access internal server resources and data that are otherwise inaccessible, such as AWS metadata credentials...

7.5CVSS6.9AI score0.00703EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/03/22 12:9 p.m.9 views

CVE-2024-10912

A Denial of Service DoS vulnerability exists in the file upload feature of lm-sys/fastchat version 0.2.36. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. An attacker can exploit this by sending a payload with an excessively large...

7.5CVSS6.9AI score0.00588EPSS
Exploits1References1
Rows per page
Query Builder