huntr: imartinez/privategpt

imartinez / privategpt

Interact with your documents using the power of GPT, 100% privately, no data leaks

Submit a report

FIRST INTERACTION

WITHINN/A DAYS

REVIEW

WITHIN47 DAYS

FIX

WITHIN259 DAYS

imartinez

Unsafe deserialization via pickle in PrivateGPT document and index loading

Jun 5th 2026

pending

imartinez

CORS Misconfiguration Vulnerability Leading to Sensitive Information Leak

Feb 15th 2025

superboy-zjc•

pending

imartinez

DoS by Sending Large Filename at File Upload Endpoint

Jan 5th 2025

High

•$750

High

•$750•CVE-2024-12063

imartinez

Server Side Request Forgery using CVE-2024-4325

Sep 4th 2024

duplicate

High

imartinez

Stored XSS via upload

Oct 15th 2024

web-hacker-team•

Medium

•$125

Medium

•$125•CVE-2024-8029

imartinez

DOS in multipart boundry while uploading the file

Sep 29th 2024

High

•$750

High

•$750•CVE-2024-8018

imartinez

Open Redirect due to improper handling in file parameter

Jun 6th 2024

Medium

•$125

Medium

•$125•CVE-2024-5936

imartinez

CSRF on delete all files.

Jun 10th 2024

Medium

•$125

Medium

•$125•CVE-2024-5935

imartinez

Server Side Request Forgery (SSRF)

May 23rd 2024

High

•$750

High

•$750•CVE-2024-5186

imartinez

Unrestricted file upload leads to XSS

Apr 16th 2024

Medium

•$125

Medium

•$125•CVE-2024-3851

imartinez

Using eval() in sagemaker.py to load external AWS Sagemaker LLM request leading...

Nov 14th 2024

Critical

•$1500

Critical

•$1500•CVE-2024-4343

imartinez

Local File Inclusion

Apr 6th 2024

pinkdraconian•

High

•$750

High

•$750•CVE-2024-3403

CRITICAL

$0

HIGH

$0

MEDIUM

$0

LOW

$0