3 matches found
CVE-2026-58658
GPUStack through 2.2.1, fixed in commit 4e20551, contains an unauthenticated information disclosure vulnerability that allows unauthenticated attackers to access sensitive inference logs and modify worker configuration by exploiting unprotected /serveLogs and /debug endpoints on the worker port...
CVE-2026-58658
Summary. CVE-2026-58658 affects GPUStack up to version 2.2.1 and was fixed by commit 4e20551. An unauthenticated attacker can abuse unprotected /serveLogs and /debug endpoints on the worker port to disclose sensitive information and configure logs. Specifically, attackers can enumerate model inst...
EUVD-2026-44750
GPUStack through 2.2.1, fixed in commit 4e20551, contains an unauthenticated information disclosure vulnerability that allows unauthenticated attackers to access sensitive inference logs and modify worker configuration by exploiting unprotected /serveLogs and /debug endpoints on the worker port...