CVE-2025-6283
The CVE-2025-6283 entry concerns xataio Xata Agent up to version 0.3.0. A path traversal flaw in the GET handler of apps/dbagent/src/app/api/evals/route.ts arises from argument manipulation. Upgrading to version 0.3.1 mitigates the issue; the patch is named 03f27055e0cf5d4fa7e874d34ce8c74c7b9086c...