Vulnerability Details CVE-2026-41512
ai-scanner is an AI model safety scanner built on NVIDIA garak. From version 1.0.0 to before version 1.4.1, there is a remote code execution vulnerability via JavaScript injection in `BrowserAutomation::PlaywrightService`. This issue has been patched in version 1.4.1.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.4%
CVSS Severity
CVSS v3 Score 9.9
References
Products affected by CVE-2026-41512
-
cpe:2.3:a:mozilla:0din_scanner:1.0.0
-
cpe:2.3:a:mozilla:0din_scanner:1.0.1
-
cpe:2.3:a:mozilla:0din_scanner:1.1.0
-
cpe:2.3:a:mozilla:0din_scanner:1.1.1
-
cpe:2.3:a:mozilla:0din_scanner:1.2.0
-
cpe:2.3:a:mozilla:0din_scanner:1.2.1
-
cpe:2.3:a:mozilla:0din_scanner:1.2.2
-
cpe:2.3:a:mozilla:0din_scanner:1.3.0
-
cpe:2.3:a:mozilla:0din_scanner:1.3.1
-
cpe:2.3:a:mozilla:0din_scanner:1.4.0