📦 Privategpt

This CVE describes a critical command injection vulnerability in PrivateGPT's SageMaker integration that allows remote code execution. Attackers can manipulate responses from AWS SageMaker LLM endpoin...

A Denial of Service vulnerability in imartinez/privategpt v0.6.2 allows attackers to crash the server by uploading files with excessively long filenames. This affects all users running the vulnerable ...

This Cross-Site Scripting (XSS) vulnerability in PrivateGPT allows attackers to upload malicious SVG files that execute JavaScript when clicked by victims. This affects users of PrivateGPT version 0.5...

An open redirect vulnerability in imartinez/privategpt version 0.5.0 allows attackers to redirect users to malicious websites by manipulating the 'file' parameter. This can lead to phishing attacks, m...

A stored XSS vulnerability in the imartinez/privategpt repository allows attackers to upload malicious HTML files containing JavaScript payloads. When victims access these files, the JavaScript execut...