Lollms
AI Threat Alert tracks 2 known AI/ML vulnerabilities affecting Lollms products — each enriched with CVSS severity, EPSS exploit probability, patch status, and CISO-grade analysis. Browse every Lollms CVE below, sorted by severity and recency.
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| LOW | CVE-2024-4839 | lollms-webui: CSRF allows unauthorized AI service install | lollms-webui | 3.3 |
| UNKNOWN | CVE-2024-4897 | lollms-webui: RCE via malicious GGUF model loading | - |
Frequently asked questions
How many known vulnerabilities affect Lollms?
2 AI/ML CVEs affecting Lollms products are tracked, sourced from NVD and GitHub Advisory.
What Lollms products are affected?
The CVEs below map to the Lollms AI/ML packages and tools tracked by AI Threat Alert; open any CVE to see the affected components and versions.
Where does the Lollms vulnerability data come from?
Data is sourced from NVD and GitHub Advisory, then enriched with CVSS severity, EPSS exploit probability, and patch status for each CVE.
How can I monitor Lollms for new vulnerabilities?
AI Threat Alert tracks Lollms continuously; a Pro subscription adds breaking alerts when new CVEs affecting Lollms are published.
How do I assess Lollms's security exposure?
Each CVE below carries CVSS severity and exploitation signals, so you can review the highest-severity Lollms issues first and judge the exposure for your stack.