← Back

Iota C.ai

iota_c.ai

Vendor: Gss • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-52959
1Gss
1Iota C.ai
Mar 6, 2026
Nov 27, 2024
9.3 CRITICAL· v4
7.2 HIGH· v3
N/A· v2
A Improper Control of Generation of Code ('Code Injection') vulnerability in plugin management in iota C.ai Conversational Platform from 1.0.0 through 2.1.3 allows remote authenticated users to perform arbitrary system c...Show more
A Improper Control of Generation of Code ('Code Injection') vulnerability in plugin management in iota C.ai Conversational Platform from 1.0.0 through 2.1.3 allows remote authenticated users to perform arbitrary system commands via a DLL file.Show less
CVE-2024-52958
1Gss
1Iota C.ai
Mar 6, 2026
Nov 27, 2024
9.3 CRITICAL· v4
7.2 HIGH· v3
N/A· v2
A improper verification of cryptographic signature vulnerability in plugin management in iota C.ai Conversational Platform from 1.0.0 through 2.1.3 allows remote authenticated users to load a malicious DLL via upload plu...Show more
A improper verification of cryptographic signature vulnerability in plugin management in iota C.ai Conversational Platform from 1.0.0 through 2.1.3 allows remote authenticated users to load a malicious DLL via upload plugin function.Show less