VYPR
Vendor

Upsonic

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2026-0773CriJan 23, 2026
    risk 0.64cvss 9.8epss 0.01

    Upsonic Cloudpickle Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Upsonic. Authentication is not required to exploit this vulnerability. The specific flaw…

  • CVE-2025-6279MedJun 19, 2025
    risk 0.29cvss 5.5epss 0.00

    A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6. This issue affects the function cloudpickle.loads of the file /tools/add_tool of the component Pickle Handler. The manipulation leads to deserialization. The exploit has been disclosed to…

  • CVE-2025-6278MedJun 19, 2025
    risk 0.29cvss 5.5epss 0.01

    A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerability affects the function os.path.join of the file markdown/server.py. The manipulation of the argument file.filename leads to path traversal. The exploit has been disclosed to the public and…