GHSA-CJQG-RQ2H-2FVJ Docling: Unsafe Zip Extraction in EasyOCR Model Download
Impact: In version 2.91.0, the EasyOCR model download functionality extracted ZIP archives without validating member paths, enabling Zip Slip attacks. If an attacker could compromise the model download source via supply chain attack, DNS spoofing, or MITM, they could write arbitrary files to any...
CVE-2026-35050
text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.1.1, users can save extension settings in "py" format and in the app root directory. This allows overwriting Python files; for instance, the "download-model.py" file could be overwritten. Then, thi...
CVE-2026-35050 text-generation-webui affected by Remote Code Execution (RCE) through Path Traversal at "Session -> Save extension settings to user_data/settings.yaml".
text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.1.1, users can save extension settings in "py" format and in the app root directory. This allows overwriting Python files; for instance, the "download-model.py" file could be overwritten. Then, thi...
PT-2026-30687
text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.1.1, users can save extension settings in "py" format and in the app root directory. This allows overwriting Python files; for instance, the "download-model.py" file could be overwritten. Then, thi...
EUVD-2024-2442
Malicious code in bioql PyPI...
CVE-2025-51471
A domain validation flaw has been discovered in Ollama. In instances where a user attempts to download a model, but where the server responds with an http 401 error code, Ollama follows the WWW-Authenticate header's realm URL without validating if it belongs to the same domain as the original...
PYSEC-2025-145
A vulnerability in the Ollama server version 0.5.11 allows a malicious user to cause a Denial of Service (DoS) attack by customizing the manifest content and spoofing a service. This is due to improper validation of array index access when downloading a model via the /api/pull endpoint, which can...
Arbitrary File Write via Archive Extraction (Zip Slip)
Overview: open-webui is an Open WebUI. Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) through the downloadmodel endpoint. An attacker can manipulate file paths to write files to arbitrary locations on the server's filesystem, potentially...
CVE-2025-27777
CVE-2025-27777 affects Applio (voice conversion tool). Versions ≤ 3.2.7 contain a server-side request forgery (SSRF) in model_download.py (line 195 in 3.2.7) that can be used to issue requests on behalf of the Applio server. The issue is described as a blind SSRF, with potential to probe internal...
Applio code issue vulnerability
Applio is an open source AI voice conversion tool from Spanish AI Hispano. A code issue vulnerability exists in Applio 3.2.7 and earlier versions, which stems from a server-side request forgery and file write issue in modeldownload.py, which could lead an attacker to send a request on behalf of t...
PT-2025-11979 · Applio · Applio
Name of the Vulnerable Software and Affected Versions: Applio versions 3.2.7 and prior. Description: Applio is a voice conversion tool. The issue allows for server-side request forgery (SSRF) in model download.py, which can be leveraged to probe for other vulnerabilities on the server itself or on...
Applio code issue vulnerability
Applio is an open source AI voice conversion tool from Spanish AI Hispano. A code issue vulnerability exists in Applio 3.2.7 and earlier versions, which stems from a server-side request forgery issue in modeldownload.py that could lead an attacker to send requests on behalf of the Applio server...
Applio code issue vulnerability
Applio is an open source AI voice conversion tool from Spanish AI Hispano. A code issue vulnerability exists in Applio 3.2.7 and earlier versions, which stems from a server-side request forgery and file write issue in modeldownload.py, and could lead to an attacker sending requests on behalf of t...
UBUNTU-CVE-2024-35198
TorchServe is a flexible and easy-to-use tool for serving and scaling PyTorch models in production. TorchServe's check on the allowedurls configuration can be bypassed if the URL contains characters such as "..", but it does not prevent the model from being downloaded into the model store. Once a fi...