MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
tools
Search

AI Bug Bounty Program Finds 34 Flaws in Open-Source Tools

Sunday November 3, 2024. 01:34 PM , from Slashdot
AI Bug Bounty Program Finds 34 Flaws in Open-Source Tools
Slashdot reader spatwei shared this report from SC World:

Nearly three dozen flaws in open-source AI and machine learning (ML) tools were disclosed Tuesday as part of [AI-security platform] Protect AI's huntr bug bounty program.

The discoveries include three critical vulnerabilities: two in the Lunary AI developer toolkit [both with a CVSS score of 9.1] and one in a graphical user interface for ChatGPT called Chuanhu Chat. The October vulnerability report also includes 18 high-severity flaws ranging from denial-of-service to remote code execution... Protect AI's report also highlights vulnerabilities in LocalAI, a platform for running AI models locally on consumer-grade hardware, LoLLMs, a web UI for various AI systems, LangChain.js, a framework for developing language model applications, and more.
In the article, Protect AI's security researchers point out that these open-source tools are 'downloaded thousands of times a month to build enterprise AI Systems.'

The three critical vulnerabilties have already been addressed by their respective companies, according to the article.

Read more of this story at Slashdot.
Read more at Slashdot
https://it.slashdot.org/story/24/11/03/0123205/ai-bug-bounty-program-finds-34-flaws-in-open-source-t...

Related News

tools Microsoft Exchange update fixes security flaws, breaks other stuff TheRegisterNov 15
flaws Some of Substack’s Biggest Newsletters Rely On AI Writing Tools Wired: Tech.Nov 15
open-source Open Source Fights Back: 'We Won't Get Patent-Trolled Again' SlashdotNov 15
ai's Five Eyes infosec agencies list 2024's most exploited software flaws TheRegisterNov 14
protect Five Eyes infosec agencies list 2023's most exploited software flaws TheRegisterNov 14
bug GOG's Preservation Program Is the DRM-Free Store Refocusing On the Classics SlashdotNov 14
bounty Microsoft fixes dozens of security flaws in Windows and Office PC WorldNov 13
program Don't be like Michael Scott! Present data like a pro with Microsoft Visio's diagramming tools BoingBoingNov 13
report Spotify's Car Thing, Due For Bricking, Is Getting an Open Source Second Life SlashdotNov 13
three Open Source Project DeFlock Is Mapping License Plate Surveillance Cameras All Over the World SlashdotNov 12
systems Logitech launches Sync smart office tools to streamline workplace efficiency BetaNewsNov 12
critical What might a second term of Trump mean for the US space program? TheRegisterNov 12
vulnerabilities Box adds AI agent and no-code app builder tools ComputerWorldNov 12
article [$] The top open-source security events in 2024 LWN.netNov 11
platform Mozilla Foundation lays off 30% of its employees, ends advocacy for open web, privacy, and more OS NewsNov 8
tools Watchdog finds AI tools can be used unlawfully to filter candidates by race, gender TheRegisterNov 8
flaws Don't open that 'copyright infringement' email attachment – it's an infostealer TheRegisterNov 7
open-source AMD rolls out open-source OLMo LLM, to compete with AI giants ComputerWorldNov 7
ai's Windows on Arm update could open the door to more gaming PC WorldNov 6
protect 5 Best AI Detection Tools for Different Use Cases eWeekNov 6
News copyright owned by their original publishers | Copyright © 2004 - 2024 Zicos / 440Network
Current Date
Nov, Thu 21 - 11:16 CET