Security News > 2025 > January > Lightning AI Studio Vulnerability Could've Allowed RCE via Hidden URL Parameter

Cybersecurity researchers have disclosed a critical security flaw in the Lightning AI Studio development platform that, if successfully exploited, could have allowed for remote code execution. The vulnerability, rated a CVSS score of 9.4, enables "attackers to potentially execute arbitrary commands with root privileges" by exploiting a hidden URL parameter, application security firm Noma said in

News URL

https://thehackernews.com/2025/01/lightning-ai-studio-vulnerability.html