AgentScope security vulnerability
AgentScope is an open-source application developed by ModelScope that simplifies the development of LLM-based multi-agent applications. Versions of AgentScope prior to 1.0.18 contained a security vulnerability caused by incorrect handling of the url parameter in the file...
CVE-2026-2256
ModelScope's ms-agent versions v1.6.0rc1 and earlier contain a command injection vulnerability that allows an attacker to execute arbitrary operating system commands through crafted prompt-derived input...
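The ms-agent entry above describes the general failure mode of agent tool execution: text that the model produced from a prompt is handed to the operating system as a command. The following is an added example written for this page, not ms-agent's code, and it assumes nothing about ms-agent beyond that summary. The tool allowlist, the `tool_call` dict shape and the injected argument are constructed for illustration; the vulnerable function shows the shell-string pattern, the hardened one shows an allowlisted argv call with no shell.

```python
"""Added example: why prompt-derived tool input must never reach a shell.

Editor-written illustration, not ms-agent's own code. It assumes only what
the advisory states: an agent turns model output into an OS command. The
tool-call dicts and the injected string below are constructed sample input.
"""
import shlex
import subprocess

# Hypothetical allowlist of tools an agent may run, mapped to argv prefixes.
# Anything not listed (bash, sh, python, curl, ...) is refused outright.
ALLOWED_TOOLS = {
    "echo": ["echo"],
    "wc": ["wc", "-c"],
}


def run_vulnerable(tool_call: dict) -> str:
    """Vulnerable pattern: glue model output into a shell command string.

    The model-supplied argument is interpolated verbatim, so ';', '|', '$()'
    and friends are parsed as shell syntax instead of being passed as data.
    """
    cmdline = f"{tool_call['tool']} {' '.join(tool_call['args'])}"
    result = subprocess.run(cmdline, shell=True, capture_output=True, text=True)
    return result.stdout


def run_safe(tool_call: dict) -> str:
    """Hardened pattern: allowlist the tool, pass arguments as argv, no shell.

    Each argument reaches the program as one argv element, so shell
    metacharacters inside it are inert. Unknown tools raise instead of running.
    """
    tool = tool_call.get("tool")
    if tool not in ALLOWED_TOOLS:
        raise PermissionError(f"tool {tool!r} is not allowlisted")
    args = tool_call.get("args", [])
    if not all(isinstance(a, str) for a in args):
        raise ValueError("tool arguments must be strings")
    argv = ALLOWED_TOOLS[tool] + args
    result = subprocess.run(argv, capture_output=True, text=True, check=True)
    return result.stdout


def quoted_cmdline(tool_call: dict) -> str:
    """If a shell string is genuinely needed (e.g. for an audit log), build it
    with shlex.quote so the model-supplied text stays a single argument."""
    parts = ALLOWED_TOOLS[tool_call["tool"]] + tool_call["args"]
    return " ".join(shlex.quote(p) for p in parts)


# Constructed samples: what an attacker tries to make the model emit.
INJECTED_CALL = {"tool": "echo", "args": ["hello; echo INJECTED"]}
ESCALATION_CALL = {"tool": "bash", "args": ["-c", "id"]}


if __name__ == "__main__":
    print("vulnerable:", repr(run_vulnerable(INJECTED_CALL)))  # two commands ran
    print("safe:      ", repr(run_safe(INJECTED_CALL)))        # one argument echoed
    print("quoted:    ", quoted_cmdline(INJECTED_CALL))
    try:
        run_safe(ESCALATION_CALL)
    except PermissionError as exc:
        print("refused:   ", exc)
```

The allowlist is the load-bearing part: argv-without-shell stops shell injection, but a model that may name any tool can still pick `bash` or `python` and get the same effect through a legitimate interpreter. Argument injection (a model-supplied `--flag` that the tool itself interprets) is a separate concern that the argv prefix alone does not address.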
EUVD-2025-6904
Malicious code in bioql PyPI...
EUVD-2025-6908
Malicious code in bioql PyPI...
EUVD-2025-6909
Malicious code in bioql PyPI...
Deserialization Of Untrusted Data
ms-swift is vulnerable to deserialization of untrusted data: adapter model files are loaded with pickle, so a specially crafted adapter obtained from ModelScope can execute arbitrary commands when it is loaded...
PT-2025-31646 · Modelscope · Ms-Swift
Affected: modelscope/ms-swift versions through 2.6.1. The modelscope/ms-swift library is susceptible to arbitrary code execution through the deserialization of untrusted data. This occurs within the load model meta function of the...
GHSA-R54C-2XMF-2CF3 MS SWIFT Deserialization RCE Vulnerability
Remote code execution (RCE) in the ms-swift framework through malicious pickle deserialization in adapter model files: arbitrary commands run when specially crafted adapter models are loaded from...
modelscope (>=1.9.0 <=1.9.1), scepter (>=0.0.1 <=1.4.1) potentially affected by CVE-2025-50460 via ms-swift (>=1.3.0 <=3.10.3)
ms-swift PyPI version =1.3.0, =1.9.0, =0.0.1, =1.4.1 Source CVEs: CVE-2025-50460 Source advisory: OSV:GHSA-FM6C-F59H-7MMG...
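The four ms-swift entries above all come down to one fact: a pickle file is a program, and loading an adapter with `pickle.load` runs whatever the file's author put in it. The following is an added example written for this page, not ms-swift's loader; it assumes only what the advisories state (adapter files deserialized with pickle, commands executed on load). The "adapter" files are constructed in memory, the malicious one runs `echo` instead of a real payload, and the `ALLOWED_GLOBALS` allowlist is a hypothetical minimum for a plain state dict. It shows the payload, a static scan that lists the globals a pickle would import without executing it, and a restricted unpickler that refuses anything off the allowlist.

```python
"""Added example: a pickled adapter is code, and how to refuse it.

Editor-written illustration, not ms-swift's own loader. The adapters are
built in memory here; nothing is downloaded from ModelScope.
"""
from __future__ import annotations

import io
import pickle
import pickletools
import subprocess
from collections import OrderedDict


class _MaliciousAdapter:
    """Object whose pickle calls subprocess.check_output when loaded.

    A real attacker would point this at a reverse shell; `echo` keeps the
    effect visible and harmless.
    """
    def __reduce__(self):
        return (subprocess.check_output, (["echo", "pwned"],))


def build_malicious_adapter() -> bytes:
    return pickle.dumps(_MaliciousAdapter())


def build_benign_adapter() -> bytes:
    # Constructed stand-in for a LoRA state dict (lists instead of tensors).
    return pickle.dumps(OrderedDict([("lora_A.weight", [0.1, 0.2]),
                                     ("lora_B.weight", [0.3])]))


def unsafe_load(data: bytes):
    """The vulnerable pattern: pickle.loads on a file someone else produced."""
    return pickle.loads(data)


def list_globals(data: bytes) -> list[tuple[str, str]]:
    """Static scan: every (module, name) the pickle would import, without
    running it. pickletools.genops only disassembles. Handles the text
    GLOBAL opcode (protocol <= 3) and STACK_GLOBAL (protocol >= 4), whose
    module and name are the two preceding string pushes, possibly via the
    memo. Only string pushes are modelled, which is all STACK_GLOBAL needs.
    """
    found, pushed, memo = [], [], {}
    for op, arg, _pos in pickletools.genops(data):
        if op.name == "GLOBAL":
            module, name = arg.split(" ", 1)
            found.append((module, name))
        elif op.name == "STACK_GLOBAL":
            found.append((pushed[-2], pushed[-1]))
        elif op.name == "MEMOIZE":
            memo[len(memo)] = pushed[-1] if pushed else None
        elif op.name in ("PUT", "BINPUT", "LONG_BINPUT"):
            memo[arg] = pushed[-1] if pushed else None
        elif op.name in ("GET", "BINGET", "LONG_BINGET"):
            pushed.append(memo.get(arg))
        elif isinstance(arg, str):
            pushed.append(arg)
    return found


# Hypothetical allowlist: the one global a plain state dict needs.
ALLOWED_GLOBALS = {("collections", "OrderedDict")}


class AdapterUnpickler(pickle.Unpickler):
    """Unpickler that refuses any global outside the allowlist.

    find_class is the hook every GLOBAL/STACK_GLOBAL target passes through,
    so gating it blocks os.system, subprocess.*, builtins.eval and the rest.
    """
    def find_class(self, module, name):
        if (module, name) not in ALLOWED_GLOBALS:
            raise pickle.UnpicklingError(f"refusing to load global {module}.{name}")
        return super().find_class(module, name)


def safe_load(data: bytes):
    return AdapterUnpickler(io.BytesIO(data)).load()


def check_adapter(data: bytes) -> tuple[bool, list[tuple[str, str]]]:
    """Pre-load gate from the static scan: (ok, disallowed globals)."""
    bad = [g for g in list_globals(data) if g not in ALLOWED_GLOBALS]
    return (not bad, bad)


if __name__ == "__main__":
    evil, good = build_malicious_adapter(), build_benign_adapter()
    print("globals in crafted adapter:", list_globals(evil))
    print("check_adapter:", check_adapter(evil), check_adapter(good))
    print("safe_load(good):", safe_load(good))
    try:
        safe_load(evil)
    except pickle.UnpicklingError as exc:
        print("safe_load(evil) refused:", exc)
    print("unsafe_load(evil) ran a command:", unsafe_load(evil))
```

The allowlist approach is the same idea PyTorch's `torch.load(weights_only=True)` applies to checkpoints; for adapters the stronger fix is a format with no code path at all, such as safetensors. The static scan is a useful triage step for files already on disk, but it is not a substitute for the restricted loader: only the loader enforces the policy at the moment the bytes are actually interpreted.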
GHSA-6V28-Q95M-93QR AgentScope directory traversal vulnerability in /read-examples
A directory traversal vulnerability exists in modelscope/agentscope version 0.0.4. An attacker can exploit this vulnerability to read any local JSON file by sending a crafted POST request to the /read-examples endpoint...
CVE-2024-8556
A stored cross-site scripting (XSS) vulnerability exists in modelscope/agentscope as of the latest commit 21161fe on the main branch. The vulnerability occurs in the view for inspecting detailed run information, where a user-controllable string (the run ID) is appended and rendered as HTML. This allows ...
CVE-2024-8524
A directory traversal vulnerability exists in modelscope/agentscope version 0.0.4. An attacker can exploit this vulnerability to read any local JSON file by sending a crafted POST request to the /read-examples endpoint...
PYSEC-2025-81
A Cross-Origin Resource Sharing (CORS) vulnerability exists in modelscope/agentscope version v0.0.4. The CORS configuration on the agentscope server does not restrict access to trusted origins, allowing any external domain to make requests to the API. This can lead to unauthorized dat...
CVE-2024-8438 Path Traversal in modelscope/agentscope
A path traversal vulnerability exists in modelscope/agentscope version v0.0.4. The API endpoint /api/file does not properly sanitize the path parameter, allowing an attacker to read arbitrary files on the server...
CVE-2024-8550 Local File Inclusion (LFI) in modelscope/agentscope
A Local File Inclusion (LFI) vulnerability exists in the /load-workflow endpoint of modelscope/agentscope version v0.0.4. This vulnerability allows an attacker to read arbitrary files from the server, including sensitive files such as API keys, by manipulating the filename parameter. The issue aris...
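The /read-examples, /api/file and /load-workflow entries above are the same bug class: a request parameter names a file, and the handler reads it without confining it to the directory it was meant to serve. The following is an added example written for this page, not AgentScope's code, and it assumes nothing about its handlers beyond that description. The workspace layout, the planted symlink and the request strings are constructed in a temporary directory. It puts the traversal-prone `os.path.join` pattern beside a resolver that canonicalises the path and checks containment, which catches `../`, absolute paths and symlinks that point outside.

```python
"""Added example: confining a user-supplied path to one directory.

Editor-written illustration of the traversal/LFI bug class, not AgentScope's
code. Files, symlink and request values below are constructed in a temp dir.
"""
from __future__ import annotations

import json
import os
import tempfile
from pathlib import Path


def vulnerable_join(base_dir: str, requested: str) -> str:
    """The traversal-prone pattern: os.path.join neither rejects '..' nor
    survives an absolute second argument, which silently replaces base_dir."""
    return os.path.join(base_dir, requested)


def resolve_under(base_dir: str | os.PathLike, requested: str) -> Path | None:
    """Real path of `requested` if it lies inside base_dir, otherwise None.

    resolve() canonicalises '..' and follows symlinks, so a link planted in
    the workspace that points outside is rejected the same way '../' and
    absolute paths are.
    """
    base = Path(base_dir).resolve()
    candidate = (base / requested).resolve()
    if not candidate.is_relative_to(base):
        return None
    return candidate


def read_json_under(base_dir: str | os.PathLike, requested: str):
    """Serve only *.json regular files from under base_dir; None otherwise.
    The suffix check is the /read-examples flavour; drop it for a generic
    file endpoint and keep the containment check."""
    path = resolve_under(base_dir, requested)
    if path is None or path.suffix != ".json" or not path.is_file():
        return None
    with path.open() as fh:
        return json.load(fh)


def demo() -> dict:
    """Build a constructed workspace and try each escape route."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp) / "workspace"
        (base / "examples").mkdir(parents=True)
        (base / "examples" / "demo.json").write_text('{"ok": true}')
        secret = Path(tmp) / "secret.json"  # outside the served directory
        secret.write_text('{"api_key": "constructed-sample-value"}')
        (base / "examples" / "link.json").symlink_to(secret)
        return {
            "normal": read_json_under(base, "examples/demo.json"),
            "dotdot": read_json_under(base, "../secret.json"),
            "absolute": read_json_under(base, str(secret)),
            "symlink": read_json_under(base, "examples/link.json"),
            # os.path.join hands back the attacker's absolute path unchanged
            "vulnerable_absolute": vulnerable_join(str(base), str(secret)) == str(secret),
        }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:>20}: {value!r}")
```

Containment must be checked on the resolved path, not the request string: rejecting the literal `..` misses URL-encoded and absolute variants, and a lexical check misses symlinks. The remaining gap is a race between `resolve()` and `open()` if an attacker can swap a symlink in between, which matters when the served directory is writable by the same users who can issue requests.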