Ai.h2o:h2o-core
This hub aggregates every CVE we track for Ai.h2o:h2o-core, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
14
CVEs tracked
4
Critical
9
High
0
In CISA KEV
Severity distribution
HIGH9CRITICAL4MEDIUM1
Monthly trend
1
0
1
0
0
0
0
0
9
0
0
0
0
0
1
0
0
0
0
1
0
0
0
0
2024-072026-06
Latest CVEs
The 14 most recently published vulnerabilities affecting Ai.h2o:h2o-core.
- CVE-2024-5986Remote Arbitrary File Write with Arbitrary Data in h2oai/h2o-39.1
- CVE-2025-6544Deserialization Vulnerability in h2oai/h2o-39.8
- CVE-2024-10549Denial of Service by ReDOS in h2oai/h2o-37.5
- CVE-2024-8062Denial of Service in h2oai/h2o-37.5
- CVE-2024-7768Denial of Service in h2oai/h2o-37.5
- CVE-2024-6863Encryption of Arbitrary Files with Attacker-Controlled Key in h2oai/h2o-36.5
- CVE-2024-8616Arbitrary File Overwrite in h2oai/h2o-38.2
- CVE-2024-10550Denial of Service by ReDOS in h2oai/h2o-37.5
- CVE-2024-6854Arbitrary File Overwrite in h2oai/h2o-37.1
- CVE-2024-10553Jdbc Deserialization in h2oai/h2o-39.8
- CVE-2024-7765Denial of Service in h2oai/h2o-37.5
- CVE-2024-45758H2O.ai H2O through 3.46.0.4 allows attackers to arbitrarily set the JDBC URL, leading to deserialization attacks, file reads, and command execution. Exploitation can occur when an attacker has acce...9.1
- CVE-2024-6960H2O deserializes ML models without filtering, potentially allowing execution of malicious code7.5
- CVE-2023-6038Local File Inclusion in h2oai/h2o-37.5
Product normalization is registry-driven with AI assist and human review. How it works