10 matches found
EUVD-2025-7055
Malicious code in bioql PyPI...
CVE-2024-11030
GPT Academic version 3.83 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability through its HotReload plugin function, which calls the crazy_utils.get_files_from_everything API without proper sanitization. This allows attackers to exploit the vulnerability to abuse the victim GPT Academic...
CVE-2024-11031
In version 3.83 of binary-husky/gpt_academic, a Server-Side Request Forgery (SSRF) vulnerability exists in the Markdown_Translate.get_files_from_everything API. This vulnerability is exploited through the HotReloadMarkdown翻译中 plugin function, which allows downloading arbitrary web hosts by only checking...
CVE-2024-11030
GPT Academic version 3.83 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability through its HotReload plugin function, which calls the crazy_utils.get_files_from_everything API without proper sanitization. This allows attackers to exploit the vulnerability to abuse the victim GPT Academic...
CVE-2024-11030
GPT Academic version 3.83 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability through its HotReload plugin function, which calls the crazy_utils.get_files_from_everything API without proper sanitization. This allows attackers to exploit the vulnerability to abuse the victim GPT Academic...
CVE-2024-11030
GPT Academic version 3.83 is affected by a Server-Side Request Forgery (SSRF) in the HotReload plugin. The vulnerability arises when HotReload calls crazy_utils.get_files_from_everything() without proper input sanitization, enabling an attacker to misuse the Gradio Web server’s credentials to acc...
CVE-2024-11030 SSRF in binary-husky/gpt_academic
GPT Academic version 3.83 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability through its HotReload plugin function, which calls the crazy_utils.get_files_from_everything API without proper sanitization. This allows attackers to exploit the vulnerability to abuse the victim GPT Academic...
PT-2025-12089 · Hotreload +2
Name of the Vulnerable Software and Affected Versions: binary-husky/gpt_academic version 3.83. Description: A Server-Side Request Forgery (SSRF) issue exists in the Markdown_Translate.get_files_from_everything API, allowing attackers to download arbitrary web hosts by exploiting the HotReload plugin...
PT-2025-12088 · Hotreload +2
Name of the Vulnerable Software and Affected Versions: GPT Academic version 3.83. Description: The issue is related to a Server-Side Request Forgery (SSRF) vulnerability. It occurs through the HotReload plugin function, which calls the crazy_utils.get_files_from_everything API without proper...
Malicious code in rollup-plugin-hotreload (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7a5f1926b00e34e20d1f36662b0093d46104a516288d7edd6faf52f4ce78a039 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...