Top products
Latest CVEs
The 13 most recently published vulnerabilities affecting dbgpt.
- CVE-2025-51459File Upload vulnerability in agent.hub.controller.refresh_plugins in eosphoros-ai DB-GPT 0.7.0 allows remote attackers to execute arbitrary code via a malicious plugin ZIP file uploaded to the /v1/...6.5
- CVE-2025-51458SQL Injection in editor_sql_run and query_ex in eosphoros-ai DB-GPT 0.7.0 allows remote attackers to execute arbitrary SQL statements via crafted input passed to the /v1/editor/sql/run or /v1/edito...6.5
- CVE-2025-6772eosphoros-ai db-gpt import import_flow path traversal7.3
- CVE-2024-10830Path Traversal in eosphoros-ai/db-gpt8.2
- CVE-2024-10834Arbitrary File Write in eosphoros-ai/db-gpt9.1
- CVE-2024-10833Arbitrary File Write in eosphoros-ai/db-gpt9.1
- CVE-2024-10906Cross-Site Request Forgery (CSRF) in eosphoros-ai/db-gpt8.1
- CVE-2024-10829Denial of Service (DoS) via Multipart Boundary in eosphoros-ai/db-gpt7.5
- CVE-2024-10901Arbitrary File Write via DuckDB SQL Injection in eosphoros-ai/db-gpt9.8
- CVE-2024-10835Arbitrary File Write via SQL Injection in eosphoros-ai/db-gpt9.8
- CVE-2024-10902Arbitrary File Upload with Path Traversal in eosphoros-ai/db-gpt9.8
- CVE-2024-10831Arbitrary File Write through Absolute Path Traversal in eosphoros-ai/db-gpt9.1
- CVE-2025-0452Arbitrary File Deletion in eosphoros-ai/DB-GPT8.2