72 matches found
CVE-2026-30624
Agent Zero 0.9.8 contains a remote code execution vulnerability in its External MCP Servers configuration feature. The application allows users to define MCP servers using a JSON configuration containing arbitrary command and args values. These values are executed by the application when the...
EUVD-2026-12538
A weakness has been identified in frdel/agent0ai agent-zero 0.9.7. This affects the function handlepdfdocument of the file python/helpers/documentquery.py. This manipulation causes server-side request forgery. The attack is possible to be carried out remotely. The exploit has been made available ...
EUVD-2026-12536
A security flaw has been discovered in frdel/agent0ai agent-zero 0.9.7-10. The impacted element is the function getabspath of the file python/helpers/files.py. The manipulation results in path traversal. The attack can be executed remotely. The exploit has been released to the public and may be...
CVE-2026-4308 frdel/agent0ai agent-zero document_query.py handle_pdf_document server-side request forgery
A weakness has been identified in frdel/agent0ai agent-zero 0.9.7. This affects the function handlepdfdocument of the file python/helpers/documentquery.py. This manipulation causes server-side request forgery. The attack is possible to be carried out remotely. The exploit has been made available ...
CVE-2026-4308 frdel/agent0ai agent-zero document_query.py handle_pdf_document server-side request forgery
A weakness has been identified in frdel/agent0ai agent-zero 0.9.7. This affects the function handlepdfdocument of the file python/helpers/documentquery.py. This manipulation causes server-side request forgery. The attack is possible to be carried out remotely. The exploit has been made available ...
CVE-2026-4308
A weakness has been identified in frdel/agent0ai agent-zero 0.9.7. This affects the function handlepdfdocument of the file python/helpers/documentquery.py. This manipulation causes server-side request forgery. The attack is possible to be carried out remotely. The exploit has been made available ...
CVE-2026-4308
CVE-2026-4308 affects frdel/agent0ai agent-zero 0.9.7. The flaw resides in the function handle_pdf_document of python/helpers/document_query.py, enabling remote server-side request forgery (SSRF). Public exploit code is available; exploitation is possible without user interaction beyond initial a...
CVE-2026-4307 frdel/agent0ai agent-zero files.py get_abs_path path traversal
A security flaw has been discovered in frdel/agent0ai agent-zero 0.9.7-10. The impacted element is the function getabspath of the file python/helpers/files.py. The manipulation results in path traversal. The attack can be executed remotely. The exploit has been released to the public and may be...
CVE-2026-4307 frdel/agent0ai agent-zero files.py get_abs_path path traversal
A security flaw has been discovered in frdel/agent0ai agent-zero 0.9.7-10. The impacted element is the function getabspath of the file python/helpers/files.py. The manipulation results in path traversal. The attack can be executed remotely. The exploit has been released to the public and may be...
Agent Zero 路径遍历漏洞
Agent Zero is an artificial intelligence framework developed by Jan Tomášek. Version 0.9.7 of Agent Zero contains a path traversal vulnerability, which stems from incorrect handling of parameters in the file python/helpers/files.py, potentially leading to path traversal attacks...
PT-2026-25871
A security flaw has been discovered in frdel/agent0ai agent-zero 0.9.7-10. The impacted element is the function get abs path of the file python/helpers/files.py. The manipulation results in path traversal. The attack can be executed remotely. The exploit has been released to the public and may be...
PT-2026-25872
🚨 CVE-2026-4308 A weakness has been identified in frdel/agent0ai agent-zero 0.9.7. This affects the function handle pdf document of the file python/helpers/document query.py. This manipulation causes server-side request forgery. The attack is possible to be carried out remotely. The exploit has...
Agent Zero 代码问题漏洞
Agent Zero is an artificial intelligence framework developed by Jan Tomášek himself. Version 0.9.7 of Agent Zero contains a code vulnerability caused by incorrect handling of parameters in the file python/helpers/documentquery.py. This vulnerability could lead to server-side request forgery...
agent-builder (>=0.0.2 <=0.1.7), agent-memory-layer (>=0.1.0 <=0.1.1) +62 more potentially affected by CVE-2026-26013 via langchain-openai (>=1.0.0 <=1.1.7)
langchain-openai PYPI version =1.0.0, =0.0.2, =0.1.0, =0.1.0, =0.1.0, =3.0.3, =0.0.48, =0.0.54, =0.1.2, =0.1.0, =0.1.0, =0.9.0 and more Source cves: CVE-2026-26013 Source advisory: SNYK:PYTHON-LANGCHAINOPENAI-15263095...
Agent-Zero 0.8.0 - 0.9.4 - Arbitrary File Download
Agent-Zero v0.8.0 - 0.9.4 contains a path traversal caused by improper validation in /api/downloadworkdirfile.py, letting attackers access unauthorized files, exploit requires crafted request. id: CVE-2025-55523 info: name: Agent-Zero 0.8.0 - 0.9.4 - Arbitrary File Download author: 0xAkoko...
VulnCheck KEV: CVE-2025-55523
An issue in the component /api/downloadworkdirfile.py of Agent-Zero v0.8. allows attackers to execute a directory traversal...
EUVD-2025-28592
Malicious code in bioql PyPI...
EUVD-2025-18479
Malicious code in bioql PyPI...
EUVD-2025-28593
Malicious code in bioql PyPI...
EUVD-2025-10856
Malicious code in bioql PyPI...