CVE-2025-63665

CRITICAL

GT Edge AI CE <v2.0.12 - RCE

Title source: llm

Description

An issue in GT Edge AI Community Edition Versions before v2.0.12 allows attackers to execute arbitrary code via injecting a crafted JSON payload into the Prompt window.

Exploits (1)

github WRITEUP

by RichardMedlin · poc

https://github.com/RichardMedlin/CVEs-Record-Keeping/tree/main/CVE-2025-63665

View Code ZIP pw:eip

References (2)

[Third Party Advisory] https://gist.github.com/p80n-sec/e5eefcef155e9dd14aaaaa49f9f94cd1

[Third Party Advisory] https://github.com/p80n-sec/Vulnerability-Research/blob/main/CVE-2025-63665/CVE-2025-63665.md

View Writeup ZIP pw:eip

Scores

CVSS v3 9.8

EPSS 0.0015

EPSS Percentile 35.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-94

Status published

Products (1)

gtedge/gt_edge_ai < 2.0.12

Published Dec 19, 2025

Tracked Since Feb 18, 2026