Critical severity9.8NVD Advisory· Published Mar 27, 2026· Updated Apr 8, 2026
CVE-2026-33879
CVE-2026-33879
Description
Federated Learning and Interoperability Platform (FLIP) is an open-source platform for federated training and evaluation of medical imaging AI models across healthcare institutions. The FLIP login page in versions 0.1.1 and prior has no rate limiting or CAPTCHA, enabling brute-force and credential-stuffing attacks. FLIP users are external to the organization, increasing credential reuse risk. As of time of publication, it is unclear if a patch is available.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:aicentre:federated_learning_and_interoperability_platform:*:*:*:*:*:*:*:*Range: <0.1.1
- Range: <=0.1.1
Patches
Vulnerability mechanics
References
1- github.com/londonaicentre/FLIP/security/advisories/GHSA-p34f-488j-5cwvnvdMitigationVendor Advisory
News mentions
0No linked articles in our index yet.