EUVD-2025-23941

Malicious code in bioql PyPI...

CVE-2025-8697

A vulnerability was found in agentUniverse up to 0.0.18 and classified as critical. This issue affects the function StdioServerParameters of the component MCPSessionManager/MCPTool/MCPToolkit. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has be...

Command Injection

Overview agentUniverse is an agentUniverse is a framework for developing applications powered by multi-agent base on large language model. Affected versions of this package are vulnerable to Command Injection via the StdioServerParameters function of the MCPSessionManager/MCPTool/MCPToolkit...

CVE-2025-8697

A vulnerability was found in agentUniverse up to 0.0.18 and classified as critical. This issue affects the function StdioServerParameters of the component MCPSessionManager/MCPTool/MCPToolkit. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has be...

CVE-2025-8697 agentUniverse MCPSessionManager/MCPTool/MCPToolkit StdioServerParameters os command injection

A vulnerability was found in agentUniverse up to 0.0.18 and classified as critical. This issue affects the function StdioServerParameters of the component MCPSessionManager/MCPTool/MCPToolkit. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has be...

CVE-2025-8697 agentUniverse MCPSessionManager/MCPTool/MCPToolkit StdioServerParameters os command injection

A vulnerability was found in agentUniverse up to 0.0.18 and classified as critical. This issue affects the function StdioServerParameters of the component MCPSessionManager/MCPTool/MCPToolkit. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has be...

CVE-2025-8697

AgentUniverse up to 0.0.18 contains a vulnerability in StdioServerParameters within MCPSessionManager/MCPTool/MCPToolkit that enables remote OS command injection. This is a concrete flaw affecting the StdioServerParameters function, with exploitation reported publicly. Multiple sources (including...

agentUniverse 命令注入漏洞

agentUniverse is agentuniverse-ai open source an LLM multi-agent framework that allows developers to easily build multi-agent applications. A command injection vulnerability exists in agentUniverse 0.0.18 and earlier versions, which stems from misuse of the function StdioServerParameters in the...

PT-2025-32308 · Unknown · Agentuniverse

Name of the Vulnerable Software and Affected Versions: agentUniverse versions up to 0.0.18 Description: A critical issue exists in agentUniverse that allows for remote OS command injection. The issue affects the StdioServerParameters function within the MCPSessionManager/MCPTool/MCPToolkit...

aact-openhands (>=0.0.4 <=0.0.5), aberoth-ephemeris (>=1.0.0 <=1.0.2) +578 more potentially affected by CVE-2024-6844 via flask-cors (>=1.1.2 <=5.0.1)

flask-cors PYPI version =1.1.2, =0.0.4, =1.0.0, =1.8.8, =1.1.4, =0.0.1, =0.0.1, =0.0.4, =0.0.13, =0.1.0, =0.1.1, =0.1.0, =1.1.0, =0.0.1, =0.0.18, =1.0.2, =1.3.0 and more Source cves: CVE-2024-6844 Source advisory: OSV:GHSA-8VGW-P6QM-5GR7...