184 matches found
CVE-2026-6605
A security flaw has been discovered in modelscope agentscope up to 1.0.18. This affects the function getbytesfromweburl of the file src/agentscope/utils/common.py of the component Internal Service. Performing a manipulation results in server-side request forgery. It is possible to initiate the...
CVE-2026-6603
A vulnerability was determined in modelscope agentscope up to 1.0.18. Affected by this vulnerability is the function executepythoncode/executeshellcommand of the file src/AgentScope/tool/coding/python.py. This manipulation causes code injection. The attack is possible to be carried out remotely...
CVE-2026-6604
A vulnerability was identified in modelscope agentscope up to 1.0.18. Affected by this issue is the function parseurl/prepareimage/openaiaudiototext of the file src/agentscope/tool/multimodality/openaitools.py of the component Cloud Metadata Endpoint. Such manipulation of the argument...
CVE-2026-6606
A weakness has been identified in modelscope agentscope up to 1.0.18. This vulnerability affects the function processaudioblock of the file src/agentscope/agent/agentbase.py. Executing a manipulation of the argument url can lead to server-side request forgery. It is possible to launch the attack...
1byte-react-design (>=1.7.1 <=1.14.0), 1g6table (=0.1.0) +1607 more potentially affected by unknown CVE via @antv/event-emitter (=0.1.3)
@antv/event-emitter NPM version =0.1.3 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/event-emitter and may be impacted: - 1byte-react-design =1.7.1, =1.1.0, =1.0.0, =0.1.1, =0.1.1, =0.1.0, =0.0.2, =0.0.9, =0.1.2, =1.1.43, =0.9.1, =5.0.48,...
@agentscope-ai/chat (>=1.1.43 <=1.1.66), @ant-design/charts (>=2.2.2 <=2.6.7) +78 more potentially affected by unknown CVE via @antv/graphin (=3.0.5)
@antv/graphin NPM version =3.0.5 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/graphin and may be impacted: - @agentscope-ai/chat =1.1.43, =2.2.2, =2.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0-beta.0, =1.0.1, =1.0.0, =1.0.0,...
EUVD-2026-23777
A weakness has been identified in modelscope agentscope up to 1.0.18. This vulnerability affects the function processaudioblock of the file src/agentscope/agent/agentbase.py. Executing a manipulation of the argument url can lead to server-side request forgery. It is possible to launch the attack...
adclaw (>=1.0.0 <=1.0.29), agentscope-runtime (=1.0.5.post1) +14 more potentially affected by CVE-2026-6606 via agentscope (>=0.1.0 <=1.0.18)
agentscope PYPI version =0.1.0, =1.0.0, =1.0.0.post2, =0.1.0, =0.1.0, =0.0.1, =0.1.0.post1, =1.1.0, =1.0.2, =0.1.7, =1.0.1, =1.0.0.4, =0.83.0, =0.99.32 and more Source cves: CVE-2026-6606 Source advisory: OSV:GHSA-CRX8-WPV6-JRJ2...
AgentScope vulnerable to Server-Side Request Forgery
A weakness has been identified in modelscope agentscope up to 1.0.18. This vulnerability affects the function processaudioblock of the file src/agentscope/agent/agentbase.py. Executing a manipulation of the argument url can lead to server-side request forgery. It is possible to launch the attack...
GHSA-CRX8-WPV6-JRJ2 AgentScope vulnerable to Server-Side Request Forgery
A weakness has been identified in modelscope agentscope up to 1.0.18. This vulnerability affects the function processaudioblock of the file src/agentscope/agent/agentbase.py. Executing a manipulation of the argument url can lead to server-side request forgery. It is possible to launch the attack...
adclaw (>=1.0.0 <=1.0.29), agentscope-runtime (=1.0.5.post1) +14 more potentially affected by CVE-2026-6604 via agentscope (>=0.1.0 <=1.0.18)
agentscope PYPI version =0.1.0, =1.0.0, =1.0.0.post2, =0.1.0, =0.1.0, =0.0.1, =0.1.0.post1, =1.1.0, =1.0.2, =0.1.7, =1.0.1, =1.0.0.4, =0.83.0, =0.99.32 and more Source cves: CVE-2026-6604 Source advisory: OSV:GHSA-659X-HM75-HPV7...
EUVD-2026-23774
A security flaw has been discovered in modelscope agentscope up to 1.0.18. This affects the function getbytesfromweburl of the file src/agentscope/utils/common.py of the component Internal Service. Performing a manipulation results in server-side request forgery. It is possible to initiate the...
EUVD-2026-23773
A vulnerability was identified in modelscope agentscope up to 1.0.18. Affected by this issue is the function parseurl/prepareimage/openaiaudiototext of the file src/agentscope/tool/multimodality/openaitools.py of the component Cloud Metadata Endpoint. Such manipulation of the argument...
EUVD-2026-23770
A vulnerability was determined in modelscope agentscope up to 1.0.18. Affected by this vulnerability is the function executepythoncode/executeshellcommand of the file src/AgentScope/tool/coding/python.py. This manipulation causes code injection. The attack is possible to be carried out remotely...
adclaw (>=1.0.0 <=1.0.29), agentscope-runtime (=1.0.5.post1) +14 more potentially affected by CVE-2026-6605 via agentscope (>=0.1.0 <=1.0.18)
agentscope PYPI version =0.1.0, =1.0.0, =1.0.0.post2, =0.1.0, =0.1.0, =0.0.1, =0.1.0.post1, =1.1.0, =1.0.2, =0.1.7, =1.0.1, =1.0.0.4, =0.83.0, =0.99.32 and more Source cves: CVE-2026-6605 Source advisory: OSV:GHSA-8GGF-R3VM-P3JC...
adclaw (>=1.0.0 <=1.0.29), agentscope-runtime (=1.0.5.post1) +14 more potentially affected by CVE-2026-6603 via agentscope (>=0.1.0 <=1.0.18)
agentscope PYPI version =0.1.0, =1.0.0, =1.0.0.post2, =0.1.0, =0.1.0, =0.0.1, =0.1.0.post1, =1.1.0, =1.0.2, =0.1.7, =1.0.1, =1.0.0.4, =0.83.0, =0.99.32 and more Source cves: CVE-2026-6603 Source advisory: OSV:GHSA-CR24-FV3H-8CJM...
GHSA-8GGF-R3VM-P3JC AgentScope vulnerable to Server-Side Request Forgery
A security flaw has been discovered in modelscope agentscope up to 1.0.18. This affects the function getbytesfromweburl of the file src/agentscope/utils/common.py of the component Internal Service. Performing a manipulation results in server-side request forgery. It is possible to initiate the...
AgentScope vulnerable to Server-Side Request Forgery
A security flaw has been discovered in modelscope agentscope up to 1.0.18. This affects the function getbytesfromweburl of the file src/agentscope/utils/common.py of the component Internal Service. Performing a manipulation results in server-side request forgery. It is possible to initiate the...
AgentScope vulnerable to Server-Side Request Forgery
A vulnerability was identified in modelscope agentscope up to 1.0.18. Affected by this issue is the function parseurl/prepareimage/openaiaudiototext of the file src/agentscope/tool/multimodality/openaitools.py of the component Cloud Metadata Endpoint. Such manipulation of the argument...
AgentScope Vulnerable to Remote Code Injection
A vulnerability was determined in modelscope agentscope up to 1.0.18. Affected by this vulnerability is the function executepythoncode/executeshellcommand of the file src/AgentScope/tool/coding/python.py. This manipulation causes code injection. The attack is possible to be carried out remotely...