Peyton Kennedy (p80n) - Security Researcher - Exploit Intelligence Platform

CVE-2025-63662 GITHUB HIGH WRITEUP

GT Edge AI Platform <v2.0.10-dev - Info Disclosure

Insecure permissions in the /api/v1/agents API of GT Edge AI Platform before v2.0.10-dev allows unauthorized attackers to access sensitive information.

CVSS 7.5

View Code

CVE-2025-63663 GITHUB HIGH WRITEUP

GT Edge AI Platform <v2.0.10 - Info Disclosure

Incorrect access control in the /api/v1/conversations/*/files API of GT Edge AI Platform before v2.0.10 allows unauthorized attackers to access other users' uploaded files.

CVSS 7.5

View Code

CVE-2025-63664 GITHUB HIGH WRITEUP

GT Edge AI Platform <2.0.10-dev - Info Disclosure

Incorrect access control in the /api/v1/conversations/*/messages API of GT Edge AI Platform before v2.0.10-dev allows unauthorized attackers to access other users' message history with AI agents.

CVSS 7.5

View Code

CVE-2025-63665 GITHUB CRITICAL WRITEUP

GT Edge AI Community Edition < 2.0.12 - Remote Code Execution via Prompt Window JSON Injection

An issue in GT Edge AI Community Edition Versions before v2.0.12 allows attackers to execute arbitrary code via injecting a crafted JSON payload into the Prompt window.

CVSS 9.8

View Code

CVE-2025-63665 WRITEUP CRITICAL WRITEUP

GT Edge AI Community Edition < 2.0.12 - Remote Code Execution via Prompt Window JSON Injection

An issue in GT Edge AI Community Edition Versions before v2.0.12 allows attackers to execute arbitrary code via injecting a crafted JSON payload into the Prompt window.

CVSS 9.8

View Code