aimhubio — Vulnerabilities & Security Advisories 21

Browse all 21 CVE security advisories affecting aimhubio. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Aimhubio operates as an AI-powered platform designed to streamline software development workflows, primarily focusing on code analysis and automation for enterprise engineering teams. Security audits have identified twenty-one distinct Common Vulnerabilities and Exposures (CVEs) associated with the service, indicating a history of significant technical debt. The majority of these vulnerabilities stem from insecure direct object references and improper access control mechanisms, which frequently lead to privilege escalation and unauthorized data access. While cross-site scripting and remote code execution flaws have been documented, they represent a smaller fraction of the total attack surface. Notably, several incidents involved the exposure of sensitive internal configuration data due to misconfigured API endpoints. These recurring issues suggest that while the platform offers robust development tools, its underlying infrastructure has struggled to maintain rigorous security hygiene, resulting in a pattern of exploitable weaknesses that require immediate remediation by administrators.

Top products by aimhubio: aimhubio/aim, aim
| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2025-5321 | aimhubio aim run_view Object query.py RestrictedPythonQuery privilege escalation | aim | CWE-265 | 6.3 | Medium | 2025-05-29 |
| CVE-2024-8101 | Stored XSS in aimhubio/aim | aimhubio/aim | CWE-79 | 5.4 | - | 2025-03-20 |
| CVE-2024-8769 | Arbitrary File Deletion via Relative Path Traversal in aimhubio/aim | aimhubio/aim | CWE-22 | 9.1 | - | 2025-03-20 |
| CVE-2024-12777 | Denial of Service in aimhubio/aim | aimhubio/aim | CWE-1088 | 6.5 | - | 2025-03-20 |
| CVE-2024-8238 | Unrestricted Code Execution in aimhubio/aim | aimhubio/aim | CWE-1336 | 8.8 | - | 2025-03-20 |
| CVE-2025-0189 | Denial of Service in aimhubio/aim | aimhubio/aim | CWE-770 | 7.5 | - | 2025-03-20 |
| CVE-2024-6829 | Arbitrary File Overwrite through tarfile-extraction in aimhubio/aim | aimhubio/aim | CWE-73 | 6.5 | - | 2025-03-20 |
| CVE-2024-12778 | Denial of Service in aimhubio/aim | aimhubio/aim | CWE-770 | 7.5 | - | 2025-03-20 |
| CVE-2024-8061 | Denial of Service in aimhubio/aim | aimhubio/aim | CWE-1088 | 7.5 | - | 2025-03-20 |
| CVE-2024-6851 | Arbitrary File Deletion in aimhubio/aim | aimhubio/aim | CWE-22 | 9.1 | - | 2025-03-20 |
| CVE-2024-6483 | Arbitrary File/Directory Deletion in aimhubio/aim | aimhubio/aim | CWE-23 | 9.1 | - | 2025-03-20 |
| CVE-2024-10110 | Denial of Service in aimhubio/aim | aimhubio/aim | CWE-400 | 7.5 | - | 2025-03-20 |
| CVE-2024-7760 | CSRF in aimhubio/aim | aimhubio/aim | CWE-352 | 8.8 | - | 2025-03-20 |
| CVE-2025-0190 | Denial of Service in aimhubio/aim | aimhubio/aim | CWE-1049 | 7.5 | - | 2025-03-20 |
| CVE-2024-8863 | aimhubio aim Text Explorer textbox.tsx dangerouslySetInnerHTML cross site scripting | aim | CWE-79 | 3.5 | Low | 2024-09-14 |
| CVE-2024-6578 | Stored XSS in aimhubio/aim | aimhubio/aim | CWE-79 | 5.4 | - | 2024-07-29 |
| CVE-2024-6396 | Arbitrary File Overwrite and Data Exfiltration in aimhubio/aim | aimhubio/aim | CWE-29 | 10.0 | - | 2024-07-12 |
| CVE-2024-6227 | Infinite Loop in aimhubio/aim | aimhubio/aim | CWE-835 | 7.5 | High | 2024-07-08 |
| CVE-2024-2195 | Remote Code Execution in aimhubio/aim | aimhubio/aim | CWE-94 | 9.8 (AI) | Critical (AI) | 2024-04-10 |
| CVE-2024-2196 | CSRF Vulnerability in aimhubio/aim | aimhubio/aim | CWE-352 | 8.1 (AI) | High (AI) | 2024-04-10 |
| CVE-2021-43775 | Arbitrary file reading vulnerability in Aim | aim | CWE-22 | 8.6 | High | 2021-11-23 |

This page lists every published CVE security advisory associated with aimhubio. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.