{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T17:20:07.066","vulnerabilities":[{"cve":{"id":"CVE-2024-12390","sourceIdentifier":"security@huntr.dev","published":"2025-03-20T10:15:28.380","lastModified":"2025-10-15T13:15:40.240","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in binary-husky/gpt_academic version git 310122f allows for remote code execution. The application supports the extraction of user-provided RAR files without proper validation. The Python rarfile module, which supports symlinks, can be exploited to perform arbitrary file writes. This can lead to remote code execution by writing to sensitive files such as SSH keys, crontab files, or the application's own code."},{"lang":"es","value":"Una vulnerabilidad en binary-husky/gpt_academic, versión git 310122f, permite la ejecución remota de código. La aplicación permite la extracción de archivos RAR proporcionados por el usuario sin la validación adecuada. El módulo rarfile de Python, que admite enlaces simbólicos, puede explotarse para realizar escrituras arbitrarias en archivos. Esto puede provocar la ejecución remota de código al escribir en archivos sensibles como claves SSH, archivos crontab o el propio código de la aplicación."}],"metrics":{"cvssMetricV30":[{"source":"security@huntr.dev","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"security@huntr.dev","type":"Secondary","description":[{"lang":"en","value":"CWE-59"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:binary-husky:gpt_academic:2024-10-15:*:*:*:*:*:*:*","matchCriteriaId":"6B6DCF58-F2C2-4491-92A8-BAC81C60A9A4"}]}]}],"references":[{"url":"https://huntr.com/bounties/1add2b26-460d-4aa5-8fda-ab045d153177","source":"security@huntr.dev","tags":["Exploit","Third Party Advisory"]}]}}]}