Binary-husky Gpt Academic — known CVE vulnerabilities
Every CVE whose affected-product data names Binary-husky Gpt Academic, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (29)
CVE-2026-0763 — CVSS 9.8 (critical): GPT Academic run_in_subprocess_wrapper_func Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability…
CVE-2024-31224 — CVSS 9.8 (critical): GPT Academic provides interactive interfaces for large language models. A vulnerability was found in gpt_academic versions 3.64 through…
CVE-2026-0764 — CVSS 9.8 (critical): GPT Academic upload Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to…
CVE-2024-10950 — CVSS 8.8 (high): In binary-husky/gpt_academic version <= 3.83, the plugin `CodeInterpreter` is vulnerable to code injection caused by prompt injection. The…
CVE-2024-10954 — CVSS 8.8 (high): In the `manim` plugin of binary-husky/gpt_academic, versions prior to the fix, a vulnerability exists due to improper handling of…
CVE-2024-12389 — CVSS 8.8 (high): A path traversal vulnerability exists in binary-husky/gpt_academic version git 310122f. The application supports the extraction of…
CVE-2024-12390 — CVSS 8.8 (high): A vulnerability in binary-husky/gpt_academic version git 310122f allows for remote code execution. The application supports the extraction…
CVE-2024-10819 — CVSS 8.8 (high): A Cross-Site Request Forgery (CSRF) vulnerability in version 3.83 of binary-husky/gpt_academic allows an attacker to trick a user into…
CVE-2024-10986 — CVSS 8.8 (high): GPT Academic version 3.83 is vulnerable to a Local File Read (LFI) vulnerability through its HotReload function. This function can download…
CVE-2024-11039 — CVSS 8.8 (high): A pickle deserialization vulnerability exists in the Latex English error correction plug-in function of binary-husky/gpt_academic versions…
CVE-2026-0762 — CVSS 8.1 (high): GPT Academic stream_daas Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers…
CVE-2024-11030 — CVSS 7.5 (high): GPT Academic version 3.83 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability through its HotReload plugin function, which…
CVE-2024-11031 — CVSS 7.5 (high): In version 3.83 of binary-husky/gpt_academic, a Server-Side Request Forgery (SSRF) vulnerability exists in the Markdown_Translate.get_files_…
CVE-2024-10100 — CVSS 7.5 (high): A path traversal vulnerability exists in binary-husky/gpt_academic version 3.83. The vulnerability is due to improper handling of the file…
CVE-2025-25185 — CVSS 7.5 (high): GPT Academic provides interactive interfaces for large language models. In 3.91 and earlier, GPT Academic does not properly account for…
CVE-2024-10714 — CVSS 7.5 (high): A vulnerability in binary-husky/gpt_academic version 3.83 allows an attacker to cause a Denial of Service (DoS) by adding excessive…
CVE-2024-10956 — CVSS 7.1 (high): GPT Academy version 3.83 in the binary-husky/gpt_academic repository is vulnerable to Cross-Site WebSocket Hijacking (CSWSH). This…
CVE-2024-11037 — CVSS 6.5 (medium): A path traversal vulnerability exists in binary-husky/gpt_academic at commit 679352d, which allows an attacker to bypass the blocked_paths…
CVE-2024-10948 — CVSS 6.5 (medium): A vulnerability in the upload function of binary-husky/gpt_academic allows any user to read arbitrary files on the system, including…
CVE-2024-11033 — CVSS 6.5 (medium): A Denial of Service (DoS) vulnerability exists in the file upload feature of binary-husky/gpt_academic version 3.83. The vulnerability is…
CVE-2023-33979 — CVSS 6.5 (medium): gpt_academic provides a graphical interface for ChatGPT/GLM. A vulnerability was found in gpt_academic 3.37 and prior. This issue affects…
CVE-2024-12387 — CVSS 6.5 (medium): A vulnerability in the binary-husky/gpt_academic repository, as of commit git 3890467, allows an attacker to crash the server by uploading…
CVE-2024-12388 — CVSS 6.5 (medium): A vulnerability in binary-husky/gpt_academic version 310122f allows for a Regular Expression Denial of Service (ReDoS) attack. The…
CVE-2024-12391 — CVSS 6.5 (medium): A vulnerability in binary-husky/gpt_academic, as of commit 310122f, allows for a Regular Expression Denial of Service (ReDoS) attack. The…
CVE-2024-12392 — CVSS 6.5 (medium): A Server-Side Request Forgery (SSRF) vulnerability exists in binary-husky/gpt_academic version git 310122f. The application has a…
CVE-2024-10812 — CVSS 6.1 (medium): An open redirect vulnerability exists in binary-husky/gpt_academic version 3.83. The vulnerability occurs when a user is redirected to a…
CVE-2025-0183 — CVSS 5.4 (medium): A stored cross-site scripting (XSS) vulnerability exists in the Latex Proof-Reading Module of binary-husky/gpt_academic version 3.9.0. This…
CVE-2024-10101 — CVSS 5.4 (medium): A stored cross-site scripting (XSS) vulnerability exists in binary-husky/gpt_academic version 3.83. The vulnerability occurs at the /file…
CVE-2025-10236 — CVSS 4.3 (medium): A vulnerability has been found in binary-husky gpt_academic up to 3.91. Impacted is the function merge_tex_files_ of the file…