4 matches found
CVE-2025-8667
A vulnerability, which was classified as critical, was found in SkyworkAI DeepResearchAgent up to 08eb7f8eb9505d0094d75bb97ff7dacc3fa3bbf2. Affected is the function fromcode/fromdict/frommcp of the file src/tools/tools.py. The manipulation leads to os command injection. It is possible to launch t...
CVE-2025-8667
A vulnerability, which was classified as critical, was found in SkyworkAI DeepResearchAgent up to 08eb7f8eb9505d0094d75bb97ff7dacc3fa3bbf2. Affected is the function fromcode/fromdict/frommcp of the file src/tools/tools.py. The manipulation leads to os command injection. It is possible to launch t...
PT-2025-32201 · Unknown · Skyworkai Deepresearchagent
Name of the Vulnerable Software and Affected Versions: SkyworkAI DeepResearchAgent up to 08eb7f8eb9505d0094d75bb97ff7dacc3fa3bbf2 Description: A critical vulnerability exists in SkyworkAI DeepResearchAgent. The issue is an OS command injection within the from code, from dict, and from mcp functio...
DeepResearchAgent 命令注入漏洞
DeepResearchAgent is an open source application from Skywork. DeepResearchAgent has a command injection vulnerability that stems from the incorrect manipulation of parameters in the fromcode/fromdict/frommcp functions in the src/tools/tools.py file, which could lead to os command injection...