Null Pointer Dereference by Crafted Response from AI Model

Bug reported by canalun was disclosed at March 26, 2025, 2:02 am   |   NULL Pointer Dereference

The Brave browser was affected by a null pointer dereference vulnerability caused by a crafted response from an AI model. The vulnerability was triggered when the user set a malicious endpoint as the AI model's server endpoint. The code handling the server response assumed a specific structure without validating it, leading to the null pointer dereference.