CNNVD-202506-2606 Information

CNNVD ID

CNNVD-202506-2606

Related CVE

CVE-2025-6281

• CNNVD Published: 2025-06-19

Description (Chinese)

XAgent是OpenBMB开源的一个开源的实验性大型语言模型（LLM）驱动的自治代理。 XAgent 1.0.0及之前版本存在路径遍历漏洞，该漏洞源于文件/conv/community存在路径遍历。

Description (English)

XAgent is an autonomous agent driven by an open source of an experimental large-language model (LLM) from OpenBMB. XAgent 1.0.0 and previous versions have path-to-path loopholes, which stem from the document/conv/compunity path.

Hazard Level

High

Vulnerability Type

路径遍历

Affected Vendor

OpenBMB

Published

2025-06-19

Last Modified

2026-02-24

References

https://github.com/OpenBMB/XAgent/issues/415 https://vuldb.com/?id.313285 https://vuldb.com/?submit.593615 https://vuldb.com/?ctiid.313285 https://access.redhat.com/security/cve/cve-2025-6281