VYPR
Low severity3.3NVD Advisory· Published Mar 30, 2025· Updated Jun 17, 2026

CVE-2025-2954

CVE-2025-2954

Description

A vulnerability, which was classified as problematic, was found in mannaandpoem OpenManus up to 2025.3.13. This affects the function execute of the file app/tool/file_saver.py of the component File Handler. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Affected products

2
  • mannaandpoem/OpenManusllm-fuzzy2 versions
    <=2025.3.13+ 1 more
    • (no CPE)range: <=2025.3.13
    • (no CPE)range: 2025.3.0

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.