Cyber Resilience

CVE-2024-45858

High

Published: 18 September 2024

Published
18 September 2024
Modified
15 April 2026
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0011 28.4th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-45858 is a high-severity Eval Injection (CWE-95) vulnerability in Hiddenlayer (inferred from references). Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 28.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related — categorised as Other Platforms; in the Supply Chain and Deployment risk domain.

EU & UK References

Vulnerability details

An arbitrary code execution vulnerability exists in versions 0.2.9 up to 0.5.10 of the Guardrails AI Guardrails framework because of the way it validates XML files. If a victim user loads a maliciously crafted XML file containing Python code, the…

more

code will be passed to an eval function, causing it to execute on the user's machine.

CWE(s)

AI Security AnalysisAI

AI Category
Other Platforms
Risk Domain
Supply Chain and Deployment
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Guardrails AI is an open-source framework/platform for validating and adding guardrails to LLM outputs and applications, fitting under Other Platforms as a higher-level AI tool beyond core ML libraries or NLP-specific tools.

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1203 Exploitation for Client Execution Execution
Adversaries may exploit software vulnerabilities in client applications to execute code.
T1059.006 Python Execution
Adversaries may abuse Python commands and scripts for execution.
Why these techniques?

The vulnerability enables arbitrary code execution by loading a malicious XML file that injects Python code evaluated via eval(), facilitating client-side exploitation and Python interpreter abuse.

Affected Assets

Hiddenlayer
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References