Binary-husky Gpt_academic

29 CVEs affecting Binary-husky Gpt_academic. Latest disclosed: 2026-01-23. Critical: 3, High: 14.

Top CVEs affecting Binary-husky Gpt_academic
CVESeverityScorePublishedSummary
CVE-2026-0764Critical9.82026-01-23GPT Academic upload Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code…
CVE-2026-0763Critical9.82026-01-23GPT Academic run_in_subprocess_wrapper_func Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers t…
CVE-2024-31224Critical9.82024-04-08GPT Academic provides interactive interfaces for large language models. A vulnerability was found in gpt_academic versions 3.64 through 3.73. The server deseri…
CVE-2024-12390High8.82025-03-20A vulnerability in binary-husky/gpt_academic version git 310122f allows for remote code execution. The application supports the extraction of user-provided RAR…
CVE-2024-12389High8.82025-03-20A path traversal vulnerability exists in binary-husky/gpt_academic version git 310122f. The application supports the extraction of user-provided 7z files witho…
CVE-2024-11039High8.82025-03-20A pickle deserialization vulnerability exists in the Latex English error correction plug-in function of binary-husky/gpt_academic versions up to and including…
CVE-2024-10986High8.82025-03-20GPT Academic version 3.83 is vulnerable to a Local File Read (LFI) vulnerability through its HotReload function. This function can download and extract tar.gz…
CVE-2024-10954High8.82025-03-20In the `manim` plugin of binary-husky/gpt_academic, versions prior to the fix, a vulnerability exists due to improper handling of user-provided prompts. The ro…
CVE-2024-10950High8.82025-03-20In binary-husky/gpt_academic version <= 3.83, the plugin `CodeInterpreter` is vulnerable to code injection caused by prompt injection. The root cause is the ex…
CVE-2024-10819High8.82025-03-20A Cross-Site Request Forgery (CSRF) vulnerability in version 3.83 of binary-husky/gpt_academic allows an attacker to trick a user into uploading files without…
CVE-2026-0762High8.12026-01-23GPT Academic stream_daas Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary…
CVE-2024-11031High7.52025-03-20In version 3.83 of binary-husky/gpt_academic, a Server-Side Request Forgery (SSRF) vulnerability exists in the Markdown_Translate.get_files_from_everything() A…
CVE-2024-11030High7.52025-03-20GPT Academic version 3.83 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability through its HotReload plugin function, which calls the crazy_util…
CVE-2024-10714High7.52025-03-20A vulnerability in binary-husky/gpt_academic version 3.83 allows an attacker to cause a Denial of Service (DoS) by adding excessive characters to the end of a…
CVE-2025-25185High7.52025-03-03GPT Academic provides interactive interfaces for large language models. In 3.91 and earlier, GPT Academic does not properly account for soft links. An attacker…
CVE-2024-10100High7.52024-10-17A path traversal vulnerability exists in binary-husky/gpt_academic version 3.83. The vulnerability is due to improper handling of the file parameter, which is…
CVE-2024-10956High7.12025-03-20GPT Academy version 3.83 in the binary-husky/gpt_academic repository is vulnerable to Cross-Site WebSocket Hijacking (CSWSH). This vulnerability allows an atta…
CVE-2024-12392Medium6.52025-03-20A Server-Side Request Forgery (SSRF) vulnerability exists in binary-husky/gpt_academic version git 310122f. The application has a functionality to download pap…
CVE-2024-12391Medium6.52025-03-20A vulnerability in binary-husky/gpt_academic, as of commit 310122f, allows for a Regular Expression Denial of Service (ReDoS) attack. The function '解析项目源码(手动指定…
CVE-2024-12388Medium6.52025-03-20A vulnerability in binary-husky/gpt_academic version 310122f allows for a Regular Expression Denial of Service (ReDoS) attack. The application uses a regular e…