Vulnerabilidades en AstrBotDevs
11 resultadosCVE-2026-6118MEDIUMAstrBotDevs AstrBot MCP Endpoint tools.py add_mcp_server command injectionEPSS 2.3%CVE-2025-48957HIGHAstrBot Has Path Traversal Vulnerability in /api/chat/get_fileEPSS 0.6%CVE-2026-10213MEDIUMAstrBotDevs AstrBot API Endpoint delete path traversalEPSS 0.4%CVE-2026-8754MEDIUMAstrBotDevs AstrBot File Upload chat.py post_file path traversalEPSS 0.4%CVE-2026-6984MEDIUMAstrBotDevs AstrBot Dashboard API t2i.py create_template special elements used in a template engineEPSS 0.3%CVE-2026-7579MEDIUMAstrBotDevs AstrBot Dashboard auth.py hard-coded credentialsEPSS 0.3%CVE-2026-6119MEDIUMAstrBotDevs AstrBot API Endpoint post_data.get server-side request forgeryEPSS 0.3%CVE-2026-10210MEDIUMAstrBotDevs AstrBot skill_manager.py _sanitize_prompt_description injectionEPSS 0.2%CVE-2026-6117MEDIUMAstrBotDevs AstrBot install-upload Endpoint plugin.py install_plugin_upload sandboxEPSS 0.2%CVE-2026-10212MEDIUMAstrBotDevs AstrBot astr_main_agent.py astr_main_agent authorizationEPSS 0.2%CVE-2026-10211MEDIUMAstrBotDevs AstrBot fs.py _normalize_rw_path authorizationEPSS 0.2%