CNNVD-202509-1077 Information

CNNVD ID

CNNVD-202509-1077

Related CVE

CVE-2025-10096

• CNNVD Published: 2025-09-08

Description (Chinese)

Sim Studio是Sim Studio开源的一个AI代理工作流构建器。 Sim Studio 1.0.0及之前版本存在代码问题漏洞，该漏洞源于对参数filePath的错误操作可能导致服务端请求伪造。

Description (English)

Sim Studio is an AI proxy workflow builder at Sim Studio Open Source. Sim Studio 1.0.0 and previous versions had a code problem loophole, which stemmed from an error in the operation of the parameter filePath that could lead to the forgery of the service request.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

SIMPLE

Published

2025-09-08

Last Modified

2026-02-24

References

https://vuldb.com/?submit.644953 https://github.com/simstudioai/sim/pull/1149 https://github.com/simstudioai/sim/issues/960 https://vuldb.com/?ctiid.323057 https://github.com/simstudioai/sim/commit/3424a338b763115f0269b209e777608e4cd31785 https://vuldb.com/?id.323057 https://access.redhat.com/security/cve/cve-2025-10096