Gecko Security
Get a Demo

Security Research

Vulnerabilities discovered by Gecko's Scanner.
Each finding was responsibly disclosed to the vendor.

30

Assigned CVEs

22

Disclosure Process

15

Vulnerabilities Fixed

Featured

How Gecko Discovered 30 0-Day Vulnerabilities No AppSec Tool Found
Research

How Gecko Discovered 30 0-Day Vulnerabilities No AppSec Tool Found

Previously, there were entire classes of business logic and multi-step vulnerabilities that have long been invisible to SAST. Today, that changes.

Jeevan JutlaJul 31, 2025
Read post

Discoveries

Security vulnerabilities discovered and responsibly disclosed

RESEARCH

Why Static Analysis Struggles with Business Logic Vulnerabilities

The gap between tracking where data flows and reasoning about whether the logic is correct.

Jan 27, 2026Read more
RESEARCH

How Broken Access Controls in Cal.com Leaked Millions of Bookings and Enabled Complete Account Takeover

Gecko's AI security engineer discovered critical chained vulnerabilities in Cal.com Cloud that allowed complete account takeover and exposed all booking data.

Jan 26, 2026Read more
RESEARCH

How Gecko Discovered 30 0-Day Vulnerabilities No AppSec Tool Found

Previously, there were entire classes of business logic and multi-step vulnerabilities that have long been invisible to SAST. Today, that changes.

Jul 31, 2025Read more
CVE-2025-543819.9 Critical

CVE-2025-54381: BentoML SSRF in File Upload Processing

Server-side request forgery vulnerability in BentoML's file upload processing system allowing arbitrary HTTP requests from the server.

Jul 29, 2025Read more
CVE-2025-539447.7 High

CVE-2025-53944: AutoGPT Authorization Bypass in Graph Execution External API

Authorization bypass vulnerability in AutoGPT's external API allowing authenticated users to access execution results from other users' graph executions.

Jul 11, 2025Read more
CVE-2025-488895.3 Medium

CVE-2025-48889: Gradio Unauthorized File Copy via Path Manipulation

Arbitrary file copy vulnerability in Gradio's flagging feature allows unauthenticated attackers to copy any readable file from the server's filesystem.

May 29, 2025Read more
CVE-2025-514716.9 Medium

CVE-2025-51471: Ollama Cross-Domain Authentication Token Exposure

Authentication flow vulnerability in Ollama's model pulling mechanism allowing cross-domain token redirection and theft.

May 16, 2025Read more
CVE-2025-514795.4 Medium

CVE-2025-51479: ONYX Authorization Bypass in Enterprise Edition Group Management API

Authorization bypass vulnerability in ONYX Enterprise Edition allowing curators to manipulate groups outside their authorized scope.

May 14, 2025Read more
CVE-2025-514816.6 Medium

CVE-2025-51481: Dagster LFI in gRPC Server's ExternalNotebookData Endpoint

Local file inclusion vulnerability in Dagster's gRPC server allowing arbitrary file reading through path traversal in notebook data endpoint.

May 14, 2025Read more
CVE-2025-514828.8 High

CVE-2025-51482: Letta RCE via Unsanitized Tool Execution Endpoint

Remote code execution vulnerability in Letta's tool execution endpoint through unsafe Python code execution in inadequate sandbox.

May 14, 2025Read more
CVE-2025-514645.3 Medium

CVE-2025-51464: Stored XSS in AIM Reports

Stored cross-site scripting vulnerability in AIM Reports allowing malicious Python code to execute arbitrary JavaScript in users' browsers.

May 12, 2025Read more
CVE-2025-514808.8 High

CVE-2025-51480: ONNX Arbitrary File Overwrite in `save_external_data`

Arbitrary file overwrite vulnerability in ONNX library's save_external_data function through path traversal attacks.

May 12, 2025Read more
CVE-2025-514586.5 Medium

CVE-2025-51458: DB-GPT SQLI via CVE Bypass (CVE-2024-10835 & CVE-2024-10901)

SQL injection vulnerability in DB-GPT 0.7.0 despite fixes for prior CVEs, affecting multiple database endpoints.

Apr 28, 2025Read more
CVE-2025-514596.5 Medium

CVE-2025-51459: DB-GPT RCE in DB-GPT Plugin Upload System

Remote code execution vulnerability in DB-GPT's plugin upload functionality through unsafe Python code execution.

Apr 28, 2025Read more
CVE-2025-514626.1 Medium

CVE-2025-51462: Ragflow XSS in Dialog Configuration

Stored cross-site scripting vulnerability in Ragflow's dialog configuration functionality allowing malicious HTML/JavaScript execution.

Apr 23, 2025Read more
CVE-2025-514637.0 Medium

CVE-2025-51463: Aim Path Traversal in Server Backup Restoration

A path traversal vulnerability was found in AIM server. This vulnerability allows remote attackers to write arbitrary files on the server's filesystem via a malicious tar file extraction.

Apr 23, 2025Read more
CVE-2025-514726.5 Medium

CVE-2025-51472: SuperAGI RCE via Unsafe Eval in Template Config

Remote code execution vulnerability in SuperAGI through unsafe eval() usage in agent template configuration processing.

Apr 23, 2025Read more
CVE-2025-514755.0 Medium

CVE-2025-51475: SuperAGI AFO in File Upload Endpoint

Arbitrary file overwrite vulnerability in SuperAGI's file upload functionality due to insufficient path sanitization.

Apr 23, 2025Read more