Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.9 views

CVE-2026-10210

A vulnerability was found in AstrBotDevs AstrBot 4.23.6. Affected by this vulnerability is the function sanitizepromptdescription of the file astrbot/core/skills/skillmanager.py. The manipulation results in injection. The attack may be performed from remote. The exploit has been made public and...

6.5CVSS6.1AI score0.00228EPSS
Exploits0References1
NVD
NVD
added 2026/06/01 2:16 a.m.12 views

CVE-2026-10210

A vulnerability was found in AstrBotDevs AstrBot 4.23.6. Affected by this vulnerability is the function sanitizepromptdescription of the file astrbot/core/skills/skillmanager.py. The manipulation results in injection. The attack may be performed from remote. The exploit has been made public and...

6.5CVSS0.00228EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/01 1:0 a.m.14 views

EUVD-2026-33531

A vulnerability was found in AstrBotDevs AstrBot 4.23.6. Affected by this vulnerability is the function sanitizepromptdescription of the file astrbot/core/skills/skillmanager.py. The manipulation results in injection. The attack may be performed from remote. The exploit has been made public and...

6.5CVSS6.2AI score0.00228EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/01 1:0 a.m.9 views

CVE-2026-10210

A vulnerability was found in AstrBotDevs AstrBot 4.23.6. Affected by this vulnerability is the function sanitizepromptdescription of the file astrbot/core/skills/skillmanager.py. The manipulation results in injection. The attack may be performed from remote. The exploit has been made public and...

6.5CVSS6.2AI score0.00228EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/06/01 1:0 a.m.29 views

CVE-2026-10210

The CVE affects AstrBotDevs AstrBot 4.23.6. The vulnerable component is the function _sanitize_prompt_description in astrbot/core/skills/skill_manager.py, where input handling allows injection due to improper sanitization. This vulnerability is reachable over a network (remote exploit) and, per t...

6.5CVSS6.2AI score0.00228EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.14 views

PT-2026-45242

A vulnerability was found in AstrBotDevs AstrBot 4.23.6. Affected by this vulnerability is the function sanitize prompt description of the file astrbot/core/skills/skill manager.py. The manipulation results in injection. The attack may be performed from remote. The exploit has been made public an...

6.5CVSS6.2AI score0.00228EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

AstrBot 安全漏洞

AstrBot is an open-source multi-platform LLM chatbot and development framework created by AstrBot. Version 4.23.6 of AstrBot contains a security vulnerability, which stems from an injection vulnerability in the sanitizepromptdescription function located in the astrbot/core/skills/skillmanager.py...

6.5CVSS6.3AI score0.00228EPSS
Exploits0References5
Rows per page
Query Builder