CVE-2024-34524

In XLANG OpenAgents through fe73ac4, the allowedfile protection mechanism can be bypassed by using an incorrect file extension for the nature of the file content...

EUVD-2025-18699

Malicious code in bioql PyPI...

CVE-2025-6282

A vulnerability was found in xlang-ai OpenAgents up to ff2e46440699af1324eb25655b622c4a131265bb and classified as critical. Affected by this issue is the function createuploadfile of the file backend/api/file.py. The manipulation leads to path traversal. The exploit has been disclosed to the publ...

CVE-2025-6282

A vulnerability was found in xlang-ai OpenAgents up to ff2e46440699af1324eb25655b622c4a131265bb and classified as critical. Affected by this issue is the function createuploadfile of the file backend/api/file.py. The manipulation leads to path traversal. The exploit has been disclosed to the publ...

CVE-2025-6282

The CVE-2025-6282 issue affects xlang-ai OpenAgents, specifically the create_upload_file function in backend/api/file.py, where a path traversal vulnerability is introduced. Multiple connected sources confirm the vulnerability is critical and that the exploit has been disclosed publicly, with Ope...

CVE-2025-6282 xlang-ai OpenAgents file.py create_upload_file path traversal

A vulnerability was found in xlang-ai OpenAgents up to ff2e46440699af1324eb25655b622c4a131265bb and classified as critical. Affected by this issue is the function createuploadfile of the file backend/api/file.py. The manipulation leads to path traversal. The exploit has been disclosed to the publ...

CVE-2025-6282 xlang-ai OpenAgents file.py create_upload_file path traversal

A vulnerability was found in xlang-ai OpenAgents up to ff2e46440699af1324eb25655b622c4a131265bb and classified as critical. Affected by this issue is the function createuploadfile of the file backend/api/file.py. The manipulation leads to path traversal. The exploit has been disclosed to the publ...

PT-2025-26246 · Unknown · Xlang-Ai Openagents

Name of the Vulnerable Software and Affected Versions: xlang-ai OpenAgents versions up to ff2e46440699af1324eb25655b622c4a131265bb Description: A critical issue was found in the create upload file function of the backend/api/file.py file, leading to path traversal. The exploit has been disclosed ...

CVE-2024-34524

In XLANG OpenAgents through fe73ac4, the allowedfile protection mechanism can be bypassed by using an incorrect file extension for the nature of the file content...

CVE-2024-34524

In XLANG OpenAgents through fe73ac4, the allowedfile protection mechanism can be bypassed by using an incorrect file extension for the nature of the file content...

OpenAgents 安全漏洞

OpenAgents is an open language agent platform from xlang-ai open source. A security vulnerability exists in OpenAgents fe73ac4 and earlier versions, which stems from a vulnerability that allows an attacker to bypass the allowedfile protection mechanism by using an incorrect file extension...

CVE-2024-34524

OpenAgents (XLANG) prior to/through commit fe73ac4 contains a vulnerability in the allowed_file protection mechanism that can be bypassed by uploading content with an incorrect file extension for the content type. The issue affects Software OpenAgents as described by multiple sources (Red Hat, NV...

CVE-2024-34524

In XLANG OpenAgents through fe73ac4, the allowedfile protection mechanism can be bypassed by using an incorrect file extension for the nature of the file content...