CNNVD-202506-2984 Information

CNNVD ID

CNNVD-202506-2984

Related CVE

CVE-2025-6518

• CNNVD Published: 2025-06-23

Description (Chinese)

PySpur是PySpur开源的一个代理工作流的可视化游乐场：迭代代理的速度提高10倍。 PySpur 0.1.18及之前版本存在安全漏洞，该漏洞源于对文件backend/pyspur/nodes/llm/single_llm_call.py中参数user_message的错误操作导致模板引擎特殊元素中和不当。

Description (English)

PySpur is a visualized playground for a proxy stream from PySpur: the speed of the iterative agent has increased tenfold. PySpur 0.1.18 and previous versions contain a security loophole, which stems from the mishandling of the parameter user message in fileback/pysur/nodes/llm/single llm call.py, resulting in an inappropriate mix of special elements in the template engine.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

PySpur

Published

2025-06-23

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.313638 https://vuldb.com/?id.313638 https://vuldb.com/?submit.593612 https://github.com/PySpur-Dev/pyspur/issues/289 https://access.redhat.com/security/cve/cve-2025-6518