All 10 CVE vulnerabilities found in mudler/localai, with AI-generated Chinese analysis, references, and POCs.
Vendor: mudler
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-9900 | Cross-Site Scripting (XSS) in mudler/localai CWE-79 | 6.1 | - | 2025-03-20 |
| CVE-2024-7010 | Timing Attack in mudler/localai CWE-208 | 5.9AI | MediumAI | 2024-10-29 |
| CVE-2024-6868 | Arbitrary File Write in mudler/LocalAI CWE-59 | 8.8AI | HighAI | 2024-10-29 |
| CVE-2024-6983 | Remote Code Execution in mudler/localai CWE-94 | 8.8AI | HighAI | 2024-09-27 |
| CVE-2024-6095 | SSRF and Partial LFI in /models/apply Endpoint in mudler/localai CWE-918 | 5.3AI | MediumAI | 2024-07-06 |
| CVE-2024-5616 | CSRF Vulnerability in mudler/LocalAI CWE-352 | 4.3AI | MediumAI | 2024-07-06 |
| CVE-2024-5181 | Command Injection in mudler/localai CWE-78 | 7.2AI | HighAI | 2024-06-26 |
| CVE-2024-5182 | Path Traversal in mudler/localai CWE-22 | 7.5 | - | 2024-06-19 |
| CVE-2024-2029 | Command Injection in mudler/localai CWE-78 | 9.8AI | CriticalAI | 2024-04-10 |
| CVE-2024-3135 | Cross-Site Request Forgery (CSRF) Vulnerability in mudler/localai CWE-352 | 7.1 | - | 2024-04-01 |
All 10 known CVE vulnerabilities affecting mudler/localai with full Chinese analysis, references, and POCs where available.