Peng Zhou
Peng Zhou
Hi PaddleNLP Team (@ZeyuChen): I find the PaddleNLP which integrates into the HuggingFace hub can be exploited to deploy malicious models in the HuggingFace, enabling reversed RCE or worm infection...
Hi @Unitech @rauchg I have opened a PR (https://github.com/418sec/cli-tableau/pull/1) which will fix the a possible Prototype Pollution bug in cli-tableau. Please take a review. If you are fine with that...
### Describe the bug The ``telejson.reviver()`` which is used to parse string data back to json structure can be abused to execute arbitrary code when the ``lazyEval`` option is set...
### Is there an existing issue for this problem? - [X] I have searched the existing issues ### Operating system Linux ### GPU vendor Nvidia (CUDA) ### GPU model _No...
Hello, I have a security report for your lollms-webui in Huntr and it seems the system cannot function well to send out notification to notify the maintainers in that report,...
### Have you searched existing issues? 🔎 - [X] I have searched and found no existing issues ### Desribe the bug I have just found a potential security issue in...
### Tested versions 3.3.1 ### System information All ### Issue description I have just found a potential security issue in the repo and want to know how I can report...