CVE-2025-0628 - Improper Authorization in BerriAI/litellm Lets Regular Users Become Proxy Admins
Published: June 2024
CVSS Score: 8.8 (High)
Summary:
A new high-impact vulnerability—CVE-2025-0628—has been found in the main-latest version of BerriAI/litellm. This
CVE-2024-6842 - Sensitive API Keys Leak in mintplex-labs/anything-llm v1.5.5 Through `/setup-complete` Endpoint
CVE-2024-6842 is a critical vulnerability that impacts version 1.5.5 of the open-source project mintplex-labs/anything-llm. The flaw lies in the improperly secured /setup-complete
CVE-2024-12720 - Deep Dive into a ReDoS Flaw in huggingface/transformers (v4.46.3)
The world of machine learning relies heavily on open source libraries for productivity and performance. Hugging Face's transformers is one of the most
CVE-2025-1385 - ClickHouse library-bridge RCE – How Local API & Table Engine Lead to Arbitrary Code Execution
ClickHouse is a widely used high-performance columnar database, popular for analytics and big data workloads. But with great power comes great responsibility — and sometimes, serious
CVE-2025-27777 - Applio SSRF Vulnerability Exposes Internal Networks via Unprotected Model Download
Summary
A serious security issue has been discovered in Applio, an open source voice conversion tool. Versions 3.2.7 and earlier are vulnerable to
Episode
00:00:00
00:00:00