
eosphoros-ai — Vulnerabilities & Security Advisories (14)

Browse all 14 CVE security advisories affecting eosphoros-ai. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Eosphoros-ai develops AI-powered security testing tools for software vulnerability detection, with 14 CVEs recorded in its history. Common vulnerabilities include remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from input validation failures and insecure API implementations. The platform has faced criticism for generating false positives in automated scans, leading to potential security oversights. In 2023, a misconfiguration in its cloud deployment exposed sensitive customer data, though no widespread breaches were reported. Its testing framework occasionally fails to detect complex business logic vulnerabilities, relying heavily on known pattern matching rather than behavioral analysis.

Top products by eosphoros-ai: eosphoros-ai/db-gpt db-gpt
| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-4505 | eosphoros-ai DB-GPT FastAPI Endpoint controller.py module_plugin.refresh_plugins unrestricted upload | DB-GPT | CWE-434 | 6.3 | Medium | 2026-03-20 |
| CVE-2026-4504 | eosphoros-ai db-gpt Incomplete Fix editor sql injection | db-gpt | CWE-89 | 7.3 | High | 2026-03-20 |
| CVE-2026-3409 | eosphoros-ai db-gpt Flow Import Endpoint import importlib.machinery.SourceFileLoader.exec_module code injection | db-gpt | CWE-94 | 7.3 | High | 2026-03-02 |
| CVE-2025-6772 | eosphoros-ai db-gpt import import_flow path traversal | db-gpt | CWE-22 | 7.3 | High | 2025-06-27 |
| CVE-2024-10830 | Path Traversal in eosphoros-ai/db-gpt | eosphoros-ai/db-gpt | CWE-22 | 9.1 | - | 2025-03-20 |
| CVE-2024-10834 | Arbitrary File Write in eosphoros-ai/db-gpt | eosphoros-ai/db-gpt | CWE-73 | 9.1 | - | 2025-03-20 |
| CVE-2024-10833 | Arbitrary File Write in eosphoros-ai/db-gpt | eosphoros-ai/db-gpt | CWE-36 | 8.8 | - | 2025-03-20 |
| CVE-2024-10906 | Cross-Site Request Forgery (CSRF) in eosphoros-ai/db-gpt | eosphoros-ai/db-gpt | CWE-352 | 8.8 | - | 2025-03-20 |
| CVE-2024-10829 | Denial of Service (DoS) via Multipart Boundary in eosphoros-ai/db-gpt | eosphoros-ai/db-gpt | CWE-835 | 7.5 | - | 2025-03-20 |
| CVE-2024-10901 | Arbitrary File Write via DuckDB SQL Injection in eosphoros-ai/db-gpt | eosphoros-ai/db-gpt | CWE-434 | 9.8 | - | 2025-03-20 |
| CVE-2024-10835 | Arbitrary File Write via SQL Injection in eosphoros-ai/db-gpt | eosphoros-ai/db-gpt | CWE-89 | 9.8 | - | 2025-03-20 |
| CVE-2024-10902 | Arbitrary File Upload with Path Traversal in eosphoros-ai/db-gpt | eosphoros-ai/db-gpt | CWE-22 | 9.8 | - | 2025-03-20 |
| CVE-2024-10831 | Arbitrary File Write through Absolute Path Traversal in eosphoros-ai/db-gpt | eosphoros-ai/db-gpt | CWE-36 | 7.5 | - | 2025-03-20 |
| CVE-2025-0452 | Arbitrary File Deletion in eosphoros-ai/DB-GPT | eosphoros-ai/db-gpt | CWE-73 | 9.1 | - | 2025-03-20 |

This page lists every published CVE security advisory associated with eosphoros-ai. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.