Browse all 12 CVE security advisories affecting HumanSignal. AI-powered Chinese analysis, POCs, and references for each vulnerability.
HumanSignal provides a data labeling platform for machine learning training, with 12 CVEs recorded historically. Common vulnerabilities include remote code execution, cross-site scripting, and privilege escalation, often stemming from input validation flaws and improper access controls. The platform's web interface and API have been repeatedly affected by issues allowing unauthorized access or code execution. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities in web components suggests ongoing security challenges in maintaining secure access controls and input sanitization across their labeling infrastructure.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-5173 | HumanSignal label-studio-ml-backend PT File neural_nets.py load deserialization — label-studio-ml-backendCWE-502 | 5.3 | Medium | 2025-05-26 |
This page lists every published CVE security advisory associated with HumanSignal. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.