Vuln
·
Scope
Home
Packages
KEV
Critical
Insights
Jobs
Pricing
EN
中
Loading…
PyPI/astrbot — 7 CVEs · VulnScope
pkg:PyPI/
astrbot
7 total CVEs
CRITICAL
1
HIGH
2
MEDIUM
2
✅ Check your installed version
Check
All known vulnerabilities
CRITICAL
9.8
CVE-2025-55449
AstrBot is vulnerable to RCE with hard-coded JWT signing keys
from 0, < 3.5.18
HIGH
7.5
CVE-2025-48957
AstrBot Has Path Traversal Vulnerability in /api/chat/get_file
>= 3.4.4, < 3.5.13
HIGH
7.3
CVE-2026-7579
AstrBot Makes Use of Hard-coded Password
from 0, <= 4.16.0
MEDIUM
6.3
AstrBot: File upload vulnerability in the function post_file of the file astrbot/dashboard/routes/chat.py
from 0, < 4.23.6
MEDIUM
4.7
AstrBot has Incomplete Filtering of Special Elements
from 0, <= 4.22.1
—
AstrBot has an arbitrary file read vulnerability in function _encode_image_bs64
from 0, <= 3.5.22
—
AstrBot contains a directory traversal vulnerability
from 0, <= 3.5.22
CVE-2026-8754
CVE-2026-6984
CVE-2025-57697
CVE-2025-57698