Aggregates CVE and security vulnerability intelligence across all gtedge-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk path handling, with potential vendor impact file overwrite across vendor surface production workloads and vendor surface software deployment use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-63664 | Incorrect access control in the /api/v1/conversations/*/messages API of GT Edge AI Platform before v2.0.10-dev allows unauthorized attackers to access other users' message history with AI agents. | [email protected] | 7.5 | 0.04% | 2025-12-22 | 2026-01-05 |
| CVE-2025-63663 | Incorrect access control in the /api/v1/conversations/*/files API of GT Edge AI Platform before v2.0.10 allows unauthorized attackers to access other users' uploaded files. | [email protected] | 7.5 | 0.04% | 2025-12-22 | 2026-01-05 |
| CVE-2025-63662 | Insecure permissions in the /api/v1/agents API of GT Edge AI Platform before v2.0.10-dev allows unauthorized attackers to access sensitive information. | [email protected] | 7.5 | 0.04% | 2025-12-22 | 2026-01-05 |
| CVE-2025-63665 | An issue in GT Edge AI Community Edition Versions before v2.0.12 allows attackers to execute arbitrary code via injecting a crafted JSON payload into the Prompt window. | [email protected] | 9.8 | 0.08% | 2025-12-19 | 2026-01-05 |