Package impact
PyPI / astrbot
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-7579 | high | 7.3 | 7.3 | 29d ago | AstrBot Makes Use of Hard-coded Password | |||
| CVE-2025-55449 | high | 7.3 | 7.3 | 7mo ago | AstrBot is vulnerable to RCE with hard-coded JWT signing keys | |||
| CVE-2026-8754 | medium | 6.3 | 6.3 | 13d ago | AstrBot: File upload vulnerability in the function post_file of the file astrbot/dashboard/routes/chat.py | |||
| CVE-2026-6984 | medium | 4.7 | 4.7 | 1mo ago | AstrBot has Incomplete Filtering of Special Elements |