RichardMedlin

5 exploits Active since Dec 2025
CVE-2026-20925 GITHUB MEDIUM NO CODE
Windows 10/11, Server 2008/2012/2016 Unauthenticated Spoofing via NTLM File Path Control
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
CVSS 6.5
CVE-2025-63662 GITHUB HIGH WRITEUP
GT Edge AI Platform <v2.0.10-dev - Info Disclosure
Insecure permissions in the /api/v1/agents API of GT Edge AI Platform before v2.0.10-dev allows unauthorized attackers to access sensitive information.
CVSS 7.5
CVE-2025-63663 GITHUB HIGH WRITEUP
GT Edge AI Platform <v2.0.10 - Info Disclosure
Incorrect access control in the /api/v1/conversations/*/files API of GT Edge AI Platform before v2.0.10 allows unauthorized attackers to access other users' uploaded files.
CVSS 7.5
CVE-2025-63664 GITHUB HIGH WRITEUP
GT Edge AI Platform <2.0.10-dev - Info Disclosure
Incorrect access control in the /api/v1/conversations/*/messages API of GT Edge AI Platform before v2.0.10-dev allows unauthorized attackers to access other users' message history with AI agents.
CVSS 7.5
CVE-2025-63665 GITHUB CRITICAL WRITEUP
GT Edge AI Community Edition < 2.0.12 - Remote Code Execution via Prompt Window JSON Injection
An issue in GT Edge AI Community Edition Versions before v2.0.12 allows attackers to execute arbitrary code via injecting a crafted JSON payload into the Prompt window.
CVSS 9.8