VYPR

db-gpt

by eosphoros-ai

Source repositories

CVEs (6)

  • CVE-2024-10834CriMar 20, 2025
    risk 0.59cvss 9.1epss 0.01

    eosphoros-ai/db-gpt version 0.6.0 contains a vulnerability in the RAG-knowledge endpoint that allows for arbitrary file write. The issue arises from the ability to pass an absolute path to a call to `os.path.join`, enabling an attacker to write files to arbitrary locations on…

  • CVE-2025-0452HigMar 20, 2025
    risk 0.53cvss 8.2epss 0.01

    eosphoros-ai/DB-GPT version latest is vulnerable to arbitrary file deletion on Windows systems via the '/v1/agent/hub/update' endpoint. The application fails to properly filter the '\' character, which is commonly used as a separator in Windows paths. This vulnerability allows…

  • CVE-2026-3409HigMar 2, 2026
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in eosphoros-ai db-gpt 0.7.5. Affected is the function importlib.machinery.SourceFileLoader.exec_module of the file /api/v1/serve/awel/flow/import of the component Flow Import Endpoint. Performing a manipulation as part of File results in code…

  • CVE-2025-6772HigJun 27, 2025
    risk 0.47cvss 7.3epss 0.01

    A vulnerability was found in eosphoros-ai db-gpt up to 0.7.2. It has been classified as critical. Affected is the function import_flow of the file /api/v2/serve/awel/flow/import. The manipulation of the argument File leads to path traversal. It is possible to launch the attack…

  • CVE-2025-51458MedJul 22, 2025
    risk 0.00cvss 6.5epss 0.00

    SQL Injection in editor_sql_run and query_ex in eosphoros-ai DB-GPT 0.7.0 allows remote attackers to execute arbitrary SQL statements via crafted input passed to the /v1/editor/sql/run or /v1/editor/chart/run endpoints, interacting with api_editor_v1.editor_sql_run,…

  • CVE-2025-51459MedJul 22, 2025
    risk 0.00cvss 6.5epss 0.00

    File Upload vulnerability in agent.hub.controller.refresh_plugins in eosphoros-ai DB-GPT 0.7.0 allows remote attackers to execute arbitrary code via a malicious plugin ZIP file uploaded to the /v1/personal/agent/upload endpoint, interacting with plugin_hub._sanitize_filename and…