Browse all 6 CVE security advisories affecting ray-project. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-32981 | Ray Dashboard <= 2.8.0 Path Traversal Leading to Local File Disclosure — RayCWE-22 | 7.5 | High | 2026-03-17 |
| CVE-2026-27482 | Ray: Dashboard DELETE endpoints allow unauthenticated browser-triggered DoS (Serve shutdown / job deletion) — rayCWE-396 | 5.9 | Medium | 2026-02-21 |
| CVE-2025-62593 | Ray is vulnerable to RCE via Safari & Firefox Browsers through DNS Rebinding Attack — rayCWE-94 | 9.6AI | CriticalAI | 2025-11-26 |
| CVE-2023-6020 | Ray Static File Local File Include — ray-project/rayCWE-862 | 7.5 | - | 2023-11-16 |
| CVE-2023-6019 | Ray Command Injection in cpu_profile Parameter — ray-project/rayCWE-78 | 9.8 | Critical | 2023-11-16 |
| CVE-2023-6021 | Ray Log File Local File Include — ray-project/rayCWE-29 | 7.5 | High | 2023-11-16 |
This page lists every published CVE security advisory associated with ray-project. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.