This is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is.
Post
BaseFortify.eu
basefortify.bsky.social
did:plc:giplx3mfo7nnb44f3yzhclu3
🚨 MONAI (CVE-2025-58755)
Unsafe `extractall` lets a model-bundle zip overwrite files.
Because bundles can load via URL, blast radius grows.
No fix yet — block untrusted zips, sandbox loaders.
🔎 https://basefortify.eu/cve_reports/2025/09/cve-2025-58755.html
#CVE #MONAI #AI #MLOps #AppSec
2025-09-09T09:59:01.406Z