Localai Security Vulnerabilities and Issues — Localai CVE List

Lucene search

MudlerLocalai

3 matches found

CVE•added 2024/11/04 11:15 p.m.•83 views

CVE-2024-48057

localai

6.1CVSS6.2AI score0.00033EPSS

CVE•added 2024/04/01 7:15 p.m.•66 views

CVE-2024-3135

A Cross-Site Request Forgery (CSRF) vulnerability exists in the mudler/localai application, allowing attackers to craft malicious webpages that, when visited by a victim, perform unauthorized actions on the victim's local LocalAI instance without their consent. This vulnerability enables attackers ...

6.5CVSS6.4AI score0.00086EPSS

CVE•added 2025/03/20 10:15 a.m.•47 views

CVE-2024-9900

mudler/localai version v2.21.1 contains a Cross-Site Scripting (XSS) vulnerability in its search functionality. The vulnerability arises due to improper sanitization of user input, allowing the injection and execution of arbitrary JavaScript code. This can lead to the execution of malicious scripts...

6.1CVSS5.5AI score0.00068EPSS