CNNVD-202509-3923 Information

CNNVD ID

CNNVD-202509-3923

Related CVE

CVE-2025-10965

• CNNVD Published: 2025-09-25

Description (Chinese)

LazyLLM是LazyAGI开源的一个构建多代理LLM的工具。 LazyLLM 0.6.1及之前版本存在代码问题漏洞，该漏洞源于文件lazyllm/components/deploy/relay/server.py中函数lazyllm_call存在反序列化问题，可能导致远程攻击。

Description (English)

LazyLLM is a multi-agent LLM construction tool for LazyAGI open source. LazyLLM 0.6.1 and previous versions had a code problem loophole, which stemmed from the back-sequencing problem of the function razyllm/components/deploy/relay/server.py, which could lead to a remote attack.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

乐衍

Published

2025-09-25

Last Modified

2026-02-24

References

https://github.com/LazyAGI/LazyLLM/issues/764 https://vuldb.com/?ctiid.325833 https://vuldb.com/?id.325833 https://vuldb.com/?submit.652936