Binary-husky Gpt_academic
29 CVEs affecting Binary-husky Gpt_academic. Latest disclosed: 2026-01-23. Critical: 3, High: 14.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-0764 | Critical | 9.8 | 2026-01-23 | GPT Academic upload Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code… |
CVE-2026-0763 | Critical | 9.8 | 2026-01-23 | GPT Academic run_in_subprocess_wrapper_func Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers t… |
CVE-2024-31224 | Critical | 9.8 | 2024-04-08 | GPT Academic provides interactive interfaces for large language models. A vulnerability was found in gpt_academic versions 3.64 through 3.73. The server deseri… |
CVE-2024-12390 | High | 8.8 | 2025-03-20 | A vulnerability in binary-husky/gpt_academic version git 310122f allows for remote code execution. The application supports the extraction of user-provided RAR… |
CVE-2024-12389 | High | 8.8 | 2025-03-20 | A path traversal vulnerability exists in binary-husky/gpt_academic version git 310122f. The application supports the extraction of user-provided 7z files witho… |
CVE-2024-11039 | High | 8.8 | 2025-03-20 | A pickle deserialization vulnerability exists in the Latex English error correction plug-in function of binary-husky/gpt_academic versions up to and including… |
CVE-2024-10986 | High | 8.8 | 2025-03-20 | GPT Academic version 3.83 is vulnerable to a Local File Read (LFI) vulnerability through its HotReload function. This function can download and extract tar.gz… |
CVE-2024-10954 | High | 8.8 | 2025-03-20 | In the `manim` plugin of binary-husky/gpt_academic, versions prior to the fix, a vulnerability exists due to improper handling of user-provided prompts. The ro… |
CVE-2024-10950 | High | 8.8 | 2025-03-20 | In binary-husky/gpt_academic version <= 3.83, the plugin `CodeInterpreter` is vulnerable to code injection caused by prompt injection. The root cause is the ex… |
CVE-2024-10819 | High | 8.8 | 2025-03-20 | A Cross-Site Request Forgery (CSRF) vulnerability in version 3.83 of binary-husky/gpt_academic allows an attacker to trick a user into uploading files without… |
CVE-2026-0762 | High | 8.1 | 2026-01-23 | GPT Academic stream_daas Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary… |
CVE-2024-11031 | High | 7.5 | 2025-03-20 | In version 3.83 of binary-husky/gpt_academic, a Server-Side Request Forgery (SSRF) vulnerability exists in the Markdown_Translate.get_files_from_everything() A… |
CVE-2024-11030 | High | 7.5 | 2025-03-20 | GPT Academic version 3.83 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability through its HotReload plugin function, which calls the crazy_util… |
CVE-2024-10714 | High | 7.5 | 2025-03-20 | A vulnerability in binary-husky/gpt_academic version 3.83 allows an attacker to cause a Denial of Service (DoS) by adding excessive characters to the end of a… |
CVE-2025-25185 | High | 7.5 | 2025-03-03 | GPT Academic provides interactive interfaces for large language models. In 3.91 and earlier, GPT Academic does not properly account for soft links. An attacker… |
CVE-2024-10100 | High | 7.5 | 2024-10-17 | A path traversal vulnerability exists in binary-husky/gpt_academic version 3.83. The vulnerability is due to improper handling of the file parameter, which is… |
CVE-2024-10956 | High | 7.1 | 2025-03-20 | GPT Academy version 3.83 in the binary-husky/gpt_academic repository is vulnerable to Cross-Site WebSocket Hijacking (CSWSH). This vulnerability allows an atta… |
CVE-2024-12392 | Medium | 6.5 | 2025-03-20 | A Server-Side Request Forgery (SSRF) vulnerability exists in binary-husky/gpt_academic version git 310122f. The application has a functionality to download pap… |
CVE-2024-12391 | Medium | 6.5 | 2025-03-20 | A vulnerability in binary-husky/gpt_academic, as of commit 310122f, allows for a Regular Expression Denial of Service (ReDoS) attack. The function '解析项目源码(手动指定… |
CVE-2024-12388 | Medium | 6.5 | 2025-03-20 | A vulnerability in binary-husky/gpt_academic version 310122f allows for a Regular Expression Denial of Service (ReDoS) attack. The application uses a regular e… |