95 matches found
CVE-2026-4505
A vulnerability has been found in eosphoros-ai DB-GPT up to 0.7.5. This issue affects the function moduleplugin.refreshplugins of the file packages/dbgpt-serve/src/dbgptserve/agent/hub/controller.py of the component FastAPI Endpoint. Such manipulation leads to unrestricted upload. It is possible ...
CVE-2026-4504
A flaw has been found in eosphoros-ai db-gpt up to 0.7.5. This vulnerability affects unknown code of the file /api/v1/editor/ of the component Incomplete Fix. This manipulation causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. Th...
EUVD-2026-13804
A flaw has been found in eosphoros-ai db-gpt up to 0.7.5. This vulnerability affects unknown code of the file /api/v1/editor/ of the component Incomplete Fix. This manipulation causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. Th...
CVE-2026-4505
A vulnerability has been found in eosphoros-ai DB-GPT up to 0.7.5. This issue affects the function moduleplugin.refreshplugins of the file packages/dbgpt-serve/src/dbgptserve/agent/hub/controller.py of the component FastAPI Endpoint. Such manipulation leads to unrestricted upload. It is possible ...
CVE-2026-4505 eosphoros-ai DB-GPT FastAPI Endpoint controller.py module_plugin.refresh_plugins unrestricted upload
A vulnerability has been found in eosphoros-ai DB-GPT up to 0.7.5. This issue affects the function moduleplugin.refreshplugins of the file packages/dbgpt-serve/src/dbgptserve/agent/hub/controller.py of the component FastAPI Endpoint. Such manipulation leads to unrestricted upload. It is possible ...
CVE-2026-4505
A vulnerability has been found in eosphoros-ai DB-GPT up to 0.7.5. This issue affects the function moduleplugin.refreshplugins of the file packages/dbgpt-serve/src/dbgptserve/agent/hub/controller.py of the component FastAPI Endpoint. Such manipulation leads to unrestricted upload. It is possible ...
CVE-2026-4505 eosphoros-ai DB-GPT FastAPI Endpoint controller.py module_plugin.refresh_plugins unrestricted upload
A vulnerability has been found in eosphoros-ai DB-GPT up to 0.7.5. This issue affects the function moduleplugin.refreshplugins of the file packages/dbgpt-serve/src/dbgptserve/agent/hub/controller.py of the component FastAPI Endpoint. Such manipulation leads to unrestricted upload. It is possible ...
CVE-2026-4504 eosphoros-ai db-gpt Incomplete Fix editor sql injection
A flaw has been found in eosphoros-ai db-gpt up to 0.7.5. This vulnerability affects unknown code of the file /api/v1/editor/ of the component Incomplete Fix. This manipulation causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. Th...
CVE-2026-4504 eosphoros-ai db-gpt Incomplete Fix editor sql injection
A flaw has been found in eosphoros-ai db-gpt up to 0.7.5. This vulnerability affects unknown code of the file /api/v1/editor/ of the component Incomplete Fix. This manipulation causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. Th...
CVE-2026-4504
A flaw has been found in eosphoros-ai db-gpt up to 0.7.5. This vulnerability affects unknown code of the file /api/v1/editor/ of the component Incomplete Fix. This manipulation causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. Th...
CVE-2026-3409
A security flaw has been discovered in eosphoros-ai db-gpt 0.7.5. Affected is the function importlib.machinery.SourceFileLoader.execmodule of the file /api/v1/serve/awel/flow/import of the component Flow Import Endpoint. Performing a manipulation as part of File results in code injection. The...
CVE-2026-3409
A security flaw has been discovered in eosphoros-ai db-gpt 0.7.5. Affected is the function importlib.machinery.SourceFileLoader.execmodule of the file /api/v1/serve/awel/flow/import of the component Flow Import Endpoint. Performing a manipulation as part of File results in code injection. The...
CVE-2026-3409 eosphoros-ai db-gpt Flow Import Endpoint import importlib.machinery.SourceFileLoader.exec_module code injection
A security flaw has been discovered in eosphoros-ai db-gpt 0.7.5. Affected is the function importlib.machinery.SourceFileLoader.execmodule of the file /api/v1/serve/awel/flow/import of the component Flow Import Endpoint. Performing a manipulation as part of File results in code injection. The...
CVE-2026-3409
A security flaw has been discovered in eosphoros-ai db-gpt 0.7.5. Affected is the function importlib.machinery.SourceFileLoader.execmodule of the file /api/v1/serve/awel/flow/import of the component Flow Import Endpoint. Performing a manipulation as part of File results in code injection. The...
EUVD-2026-9142
A security flaw has been discovered in eosphoros-ai db-gpt 0.7.5. Affected is the function importlib.machinery.SourceFileLoader.execmodule of the file /api/v1/serve/awel/flow/import of the component Flow Import Endpoint. Performing a manipulation as part of File results in code injection. The...
CVE-2026-3409 eosphoros-ai db-gpt Flow Import Endpoint import importlib.machinery.SourceFileLoader.exec_module code injection
A security flaw has been discovered in eosphoros-ai db-gpt 0.7.5. Affected is the function importlib.machinery.SourceFileLoader.execmodule of the file /api/v1/serve/awel/flow/import of the component Flow Import Endpoint. Performing a manipulation as part of File results in code injection. The...
PT-2026-22540
Name of the Vulnerable Software and Affected Versions eosphoros-ai db-gpt version 0.7.5 Description A security flaw exists in eosphoros-ai db-gpt version 0.7.5 related to code injection. The issue is located in the function importlib.machinery.SourceFileLoader.exec module within the file...
EUVD-2025-22352
Malicious code in bioql PyPI...
EUVD-2025-7084
Malicious code in bioql PyPI...
EUVD-2025-6824
Malicious code in bioql PyPI...