CNNVD-202508-2670 Information

CNNVD ID

CNNVD-202508-2670

Related CVE

CVE-2025-55523

• CNNVD Published: 2025-08-21

Description (Chinese)

Agent Zero是Jan Tomášek个人开发者的一个人工智能框架。 Agent Zero v0.8版本存在安全漏洞，该漏洞源于/api/download_work_dir_file.py组件中的目录遍历漏洞。

Description (English)

Agent Zero is an artificial intelligence framework for Jan Tomášek’s personal developer. Version Agent Zero v. 0.8 contains a security loophole that originates from the catalogues in the /api/download work dir file.py component.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-08-21

Last Modified

2026-02-24

References

https://www.cve.org/CVERecord?id=CVE-2025-6166 https://github.com/frdel/agent-zero/blob/v0.8.7/python/api/download_work_dir_file.py https://github.com/agent0ai/agent-zero/issues/687 https://nvd.nist.gov/vuln/detail/CVE-2025-55523

Patch

https://github.com/agent0ai/agent-zero/releases