Jeremia Geraldi

3 exploits Active since Jun 2025
CVE-2025-45146 GITHUB CRITICAL WORKING POC
ModelCache < 0.2.0 - Remote Code Execution via Unsafe Deserialization in Data Manager
ModelCache for LLM through v0.2.0 was discovered to contain an deserialization vulnerability via the component /manager/data_manager.py. This vulnerability allows attackers to execute arbitrary code via supplying crafted data.
CVSS 9.8
CVE-2024-57783 WRITEUP HIGH WRITEUP
Dot < 0.9.3 - Cross-Site Scripting and Remote Code Execution via innerHTML DOM Injection
The desktop application in Dot through 0.9.3 allows XSS and resultant command execution because user input and LLM output are appended to the DOM with innerHTML (in render.js), and because the Electron window can access Node.js APIs.
CVSS 8.1
CVE-2025-45146 WRITEUP CRITICAL WORKING POC
ModelCache < 0.2.0 - Remote Code Execution via Unsafe Deserialization in Data Manager
ModelCache for LLM through v0.2.0 was discovered to contain an deserialization vulnerability via the component /manager/data_manager.py. This vulnerability allows attackers to execute arbitrary code via supplying crafted data.
CVSS 9.8