Upsonic

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-6279 MEDIUM POC PATCH This Month

A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6. This issue affects the function cloudpickle.loads of the file /tools/add_tool of the component Pickle Handler. The manipulation leads to deserialization. The exploit has been disclosed to the public and may be used.

Deserialization Upsonic
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-6278 MEDIUM POC PATCH This Month

A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerability affects the function os.path.join of the file markdown/server.py. The manipulation of the argument file.filename leads to path traversal. The exploit has been disclosed to the public and may be used.

Path Traversal Upsonic
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.2%
CVE-2025-6279
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6. This issue affects the function cloudpickle.loads of the file /tools/add_tool of the component Pickle Handler. The manipulation leads to deserialization. The exploit has been disclosed to the public and may be used.

Deserialization Upsonic
NVD GitHub VulDB
CVE-2025-6278
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerability affects the function os.path.join of the file markdown/server.py. The manipulation of the argument file.filename leads to path traversal. The exploit has been disclosed to the public and may be used.

Path Traversal Upsonic
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy