CNNVD-202506-2780 Information

CNNVD ID

CNNVD-202506-2780

Related CVE

CVE-2025-6193

• CNNVD Published: 2025-06-20

Description (Chinese)

TrustyAI Explainability是TrustyAI开源的一个TrustyAI工具包。 TrustyAI Explainability存在操作系统命令注入漏洞，该漏洞源于命令注入，可能导致经过认证的用户执行任意命令。

Description (English)

TrustyAI Exchange is a TrustyAI toolbox from TrustyAI Open Source. There is a loophole in the operating system of TrustyAI Explainability, which results from the injection of the order and may lead to the execution of an arbitrary order by a certified user.

Hazard Level

High

Vulnerability Type

操作系统命令注入

Affected Vendor

TrustyAI

Published

2025-06-20

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/CVE-2025-6193 https://github.com/trustyai-explainability/trustyai-service-operator/pull/504 https://bugzilla.redhat.com/show_bug.cgi?id=2374032 https://nvd.nist.gov/vuln/detail/CVE-2025-6193 https://access.redhat.com/security/cve/cve-2025-6193