CNNVD-202509-1727 Information

CNNVD ID

CNNVD-202509-1727

Related CVE

CVE-2025-10236

• CNNVD Published: 2025-09-11

Description (Chinese)

GPT Academic是binary-husky个人开发者的一个为 GPT/GLM 等 LLM 大语言模型提供实用化交互的接口。 GPT Academic 3.91及之前版本存在路径遍历漏洞，该漏洞源于对文件crazy_functions/latex_fns/latex_toolbox.py中参数input的错误操作，可能导致路径遍历攻击。

Description (English)

GPT Academic is a binary-husky personal developer that provides a practical interactive interface for LLM models such as GPT/GLM. GPT Academic 3.91 and previous versions have path-to-path loopholes, which stem from the error of the input parameter in document crazy functions/latex fns/latex toolbox.py, which could lead to a path-to-path attack.

Hazard Level

High

Vulnerability Type

路径遍历

Affected Vendor

个人开发者

Published

2025-09-11

Last Modified

2026-02-24

References

https://github.com/d3do-23/cvelist/blob/main/gpt_academic/Plugins_LFI.md https://vuldb.com/?ctiid.323505 https://vuldb.com/?id.323505 https://vuldb.com/?submit.640977