2 matches found
CVE-2025-57697
AstrBot Project v3.5.22 has an arbitrary file read vulnerability in function encodeimagebs64. Since the encodeimagebs64 function defined in entities.py opens the image specified by the user in the request body and returns the image content as a base64-encoded string without checking the legitimac...
libxml2 Buffer Error Vulnerability
libxml2 is a library written in C for parsing XML documents. A buffer overflow vulnerability exists in entities.c in libxml2, which can be exploited by an attacker to cause a buffer overflow or heap overflow...