Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

invoke-ai — Vulnerabilities & Security Advisories 5

Browse all 5 CVE security advisories affecting invoke-ai. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Invoke-ai is an open-source platform for AI image generation that enables users to create and manipulate images through text prompts. Historically, the platform has been vulnerable to multiple remote code execution (RCE) flaws, cross-site scripting (XSS) attacks, and privilege escalation issues, as evidenced by its five recorded CVEs. These vulnerabilities often stem from improper input validation and insecure API endpoints. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities suggests potential risks for enterprise deployments. The platform's security posture remains a concern for organizations deploying it in production environments, particularly given the criticality of RCE vulnerabilities in AI tools.

Found 5 results / 5Clear Filters
Top products by invoke-ai: invoke-ai/invokeai
CVE IDTitleCVSSSeverityPublished
CVE-2025-6237 Path Traversal and Arbitrary File Deletion in invoke-ai/invokeai — invoke-ai/invokeaiCWE-73 9.8AICriticalAI2025-09-18
CVE-2024-11043 Denial of Service (DoS) via Large Payload in Board Name Field in invoke-ai/invokeai — invoke-ai/invokeaiCWE-400 7.5 -2025-03-20
CVE-2024-10821 Denial of Service (DoS) in invoke-ai/invokeai — invoke-ai/invokeaiCWE-835 7.5 -2025-03-20
CVE-2024-11042 Arbitrary File Delete in invoke-ai/invokeai — invoke-ai/invokeaiCWE-73 9.1 -2025-03-20
CVE-2024-12029 Remote Code Execution via Model Deserialization in invoke-ai/invokeai — invoke-ai/invokeaiCWE-502 8.8 -2025-03-20

This page lists every published CVE security advisory associated with invoke-ai. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.