Browse all 21 CVE security advisories affecting aimhubio. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Aimhubio operates as an AI-powered platform designed to streamline software development workflows, primarily focusing on code analysis and automation for enterprise engineering teams. Security audits have identified twenty-one distinct Common Vulnerabilities and Exposures (CVEs) associated with the service, indicating a history of significant technical debt. The majority of these vulnerabilities stem from insecure direct object references and improper access control mechanisms, which frequently lead to privilege escalation and unauthorized data access. While cross-site scripting and remote code execution flaws have been documented, they represent a smaller fraction of the total attack surface. Notably, several incidents involved the exposure of sensitive internal configuration data due to misconfigured API endpoints. These recurring issues suggest that while the platform offers robust development tools, its underlying infrastructure has struggled to maintain rigorous security hygiene, resulting in a pattern of exploitable weaknesses that require immediate remediation by administrators.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-5321 | aimhubio aim run_view Object query.py RestrictedPythonQuery privilege escalation — aimCWE-265 | 6.3 | Medium | 2025-05-29 |
| CVE-2024-8863 | aimhubio aim Text Explorer textbox.tsx dangerouslySetInnerHTML cross site scripting — aimCWE-79 | 3.5 | Low | 2024-09-14 |
| CVE-2021-43775 | Arbitrary file reading vulnerability in Aim — aimCWE-22 | 8.6 | High | 2021-11-23 |
This page lists every published CVE security advisory associated with aimhubio. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.