29 matches found
CVE-2024-10100
CVE-2024-10100 affects binary-husky/gpt_academic v3.83. Root cause: improper handling of the file parameter allows path traversal via URL encoding. Impact: attackers could view any file on the host, including sensitive files (application files, SSH keys, API keys, configuration values). Public re...
CVE-2025-25185
CVE-2025-25185: GPT Academic exposes a back-linking vulnerability in 3.91 and earlier where soft links are not properly handled during tar.gz extraction. An attacker can create a malicious file as a soft link to a target server file, package it in a tar.gz, upload it, and on decompression the sof...
CVE-2024-10812
CVE-2024-10812 affects binary-husky/gpt_academic (v3.83) with an open redirect via the file parameter. The Nuclei template for GPT Academic v1.3.9 confirms the issue arises from user-controlled input that redirects to attacker-controlled URLs, enabling phishing, malware distribution, and credenti...
CVE-2024-31224
GPT Academic’s CVE-2024-31224 affects versions 3.64–3.73 of the GPT Academic interface. The root cause is unsafe deserialization of data from the client, which may allow remote code execution when the service is exposed to the Internet. The issue is mitigated by upgrading to version 3.74, which c...
CVE-2024-12389
CVE-2024-12389 affects binary-husky/gpt_academic (version git 310122f). A path traversal flaw arises when extracting user-provided 7z archives with the Python py7zr library, which does not guarantee containment within the intended extraction directory. This can enable arbitrary file writes and po...
CVE-2025-0183
CVE-2025-0183 describes a stored cross-site scripting (XSS) vulnerability in the Latex Proof-Reading Module of binary-husky/gpt_academic, version 3.9.0. The issue arises from insufficient filtering/escaping of user-supplied data, allowing an attacker to inject malicious scripts into the debug_log...
CVE-2024-12391
The CVE-2024-12391 entry affects binary-husky/gpt_academic (commit 310122f). The vulnerability arises in the function 解析项目源码(手动指定和筛选源码文件类型) that executes user-provided regular expressions, enabling a Regular Expression Denial of Service (ReDoS). Certain regex patterns can cause the Python RE engi...
CVE-2023-33979
The CVE-2023-33979 issue affects gpt_academic (3.37 and earlier), where improper handling of the Configuration File Handler allows manipulation of the file argument resulting in information disclosure. Read access via the /file route can leak sensitive information from working directories, partic...
CVE-2024-10948
CVE-2024-10948 concerns binary-husky/gpt_academic. The vulnerability is in the upload function: an attacker can intercept the websocket during file upload and replace the target path with the path of a file they want to read. The server copies the requested file to a private_upload directory and ...
CVE-2024-10954
CVE-2024-10954 affects the binary-husky/gpt_academic project’s manim plugin. The root cause is improper handling of user-provided prompts, leading to execution of untrusted code generated by the LLM without a sandbox. This enables remote code execution on the app backend when a malicious prompt i...
CVE-2024-10956
CVE-2024-10956 affects GPT Academy version 3.83 in the binary-husky/gpt_academic repository. The vulnerability is a Cross-Site WebSocket Hijacking (CSWSH) issue caused by insufficient WebSocket authentication and lack of origin validation, allowing an attacker to hijack an existing WebSocket conn...
CVE-2024-11037
CVE-2024-11037 affects binary-husky/gpt_academic. A path traversal flaw at commit 679352d allows bypassing blocked_paths and reading config.py containing sensitive data (e.g., OpenAI API key). Exploitation is described as Windows-specific via a URL containing the project’s absolute path. No mitig...
CVE-2024-11030
GPT Academic version 3.83 is affected by a Server-Side Request Forgery (SSRF) in the HotReload plugin. The vulnerability arises when HotReload calls crazy_utils.get_files_from_everything() without proper input sanitization, enabling an attacker to misuse the Gradio Web server’s credentials to acc...
CVE-2024-10101
CVE-2024-10101 concerns a stored XSS in binary-husky/gpt_academic v3.83, occurring at the /file endpoint which renders HTML files. Malicious HTML uploads stored on the backend can trigger payload execution in a victim’s browser when the file is accessed, potentially exposing session cookies or ot...
CVE-2024-10819
Vulnerability detail (CVE-2024-10819) : A CSRF issue affects binary-husky/gpt_academic version 3.83, enabling an attacker to trick a user into uploading files via the web interface, leveraging an active session. This can lead to unauthorized file uploads and potential system compromise, with the ...
CVE-2024-11033
CVE-2024-11033 affects binary-husky/gpt_academic v3.83, where the file upload feature mishandles form-data with an excessively large filename. Reported impact is a DoS, making the server unavailable for legitimate users due to resource exhaustion. The available connected documents confirm the aff...
CVE-2024-11039
CVE-2024-11039 affects binary-husky/gpt_academic
CVE-2024-12388
CVE-2024-12388 concerns a Regular Expression Denial of Service (ReDoS) in binary-husky/gpt_academic (version 310122f). The vulnerability arises from a regex used to parse user input, whose matching time can grow polynomially for crafted inputs, potentially rendering the server unresponsive and un...
CVE-2024-12390
The CVE-2024-12390 entry concerns binary-husky/gpt_academic (version git 310122f). The vulnerability arises during extraction of user-supplied RAR files without proper validation. Exploitation relies on the Python rarfile module (which supports symlinks) to perform arbitrary file writes, enabling...
CVE-2024-12392
CVE-2024-12392 affects binary-husky/gpt_academic (git 310122f). Vulnerability: SSRF in arxiv paper-download feature due to incomplete URL validation, enabling the server to fetch arbitrary URLs including internal services and read responses (e.g., AWS metadata). Documented impacts include access ...
CVE-2024-10986
GPT Academic version 3.83 exposes a Local File Read (LFI) through HotReload, which downloads and extracts tar.gz files from arxiv.org. Although path traversal protections exist, the Tarslip caused by symlinks is not mitigated, enabling an attacker to read arbitrary local files on the victim serve...
CVE-2024-11031
Vulnerability: binary-husky/gpt_academic v3.83 has an SSRF flaw in Markdown_Translate.get_files_from_everything() exploitable via the HotReload plugin, which trusts HTTP links to fetch arbitrary hosts and can leverage the victim GPT Academic’s Gradio Web server credentials. Documented impact: una...
CVE-2024-10950
CVE-2024-10950 affects binary-husky/gpt_academic ≤ 3.83, via the CodeInterpreter plugin. The root cause is prompt injection that causes untrusted prompts to generate code executed without a sandbox, enabling remote code execution (RCE) on the application backend server. The described impact is fu...
CVE-2024-12387
CVE-2024-12387 affects the binary-husky/gpt_academic repository (commit git 3890467). The issue arises from improper input validation when handling uploaded compressed files, allowing an attacker to upload a zip bomb that expands in memory and triggers a server out-of-memory crash. Multiple conne...
CVE-2024-10714
CVE-2024-10714 affects binary-husky/gpt_academic v3.83. The vulnerability enables a Denial of Service by feeding excessive characters to the end of a multipart boundary during file uploads. The server reportedly processes each added character and emits a warning, potentially rendering the applica...
CVE-2026-0764
CVE-2026-0764 affects GPT Academic via the upload endpoint, where deserialization of untrusted data allows remote code execution with root privileges. The vulnerability requires no authentication and is detailed across multiple sources (ZDI-26-030, NVD/NVD-derived entries, Red Hat advisory). CVSS...
CVE-2025-10236
CVE-2025-10236 affects binary-husky gpt_academic up to version 3.91. The vulnerability resides in the LaTeX File Handler’s merge_tex_files_ function inside crazy_functions/latex_fns/latex_toolbox.py, where untrusted input passed to the \
CVE-2026-0762
CVE-2026-0762 affects GPT Academic's stream_daas deserialization of untrusted data, enabling remote code execution. The flaw arises from improper validation of user-supplied data, allowing an attacker who can contact a malicious DAAS server to trigger deserialization and execute code with root pr...
CVE-2026-0763
GPT Academic is affected by CVE-2026-0763 via the run_in_subprocess_wrapper_func deserialization flaw, enabling remote code execution with root privileges. The issue stems from insufficient validation of user-supplied data, allowing deserialization of untrusted data, and does not require authenti...