Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/agixt@1.6.0
Typepypi
Namespace
Nameagixt
Version1.6.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.9.2
Latest_non_vulnerable_version1.9.2
Affected_by_vulnerabilities
0
url VCID-azbj-5ph5-kqcu
vulnerability_id VCID-azbj-5ph5-kqcu
summary AGiXT is a dynamic AI Agent Automation Platform. Prior to 1.9.2, the safe_join() function in the essential_abilities extension fails to validate that resolved file paths remain within the designated agent workspace. An authenticated attacker can use directory traversal sequences to read, write, or delete arbitrary files on the server hosting the AGiXT instance. This vulnerability is fixed in 1.9.2.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-39981
reference_id
reference_type
scores
0
value 0.00051
scoring_system epss
scoring_elements 0.16464
published_at 2026-06-11T12:55:00Z
1
value 0.00051
scoring_system epss
scoring_elements 0.16593
published_at 2026-06-14T12:55:00Z
2
value 0.00051
scoring_system epss
scoring_elements 0.16608
published_at 2026-06-12T12:55:00Z
3
value 0.00051
scoring_system epss
scoring_elements 0.1662
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-39981
1
reference_url https://github.com/Josh-XT/AGiXT
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/Josh-XT/AGiXT
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-39981
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-39981
3
reference_url https://github.com/Josh-XT/AGiXT/commit/2079ea5a88fa671a921bf0b5eba887a5a1b73d5f
reference_id 2079ea5a88fa671a921bf0b5eba887a5a1b73d5f
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-13T20:10:01Z/
url https://github.com/Josh-XT/AGiXT/commit/2079ea5a88fa671a921bf0b5eba887a5a1b73d5f
4
reference_url https://github.com/advisories/GHSA-5gfj-64gh-mgmw
reference_id GHSA-5gfj-64gh-mgmw
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5gfj-64gh-mgmw
5
reference_url https://github.com/Josh-XT/AGiXT/security/advisories/GHSA-5gfj-64gh-mgmw
reference_id GHSA-5gfj-64gh-mgmw
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-13T20:10:01Z/
url https://github.com/Josh-XT/AGiXT/security/advisories/GHSA-5gfj-64gh-mgmw
6
reference_url https://github.com/Josh-XT/AGiXT/releases/tag/v1.9.2
reference_id v1.9.2
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-13T20:10:01Z/
url https://github.com/Josh-XT/AGiXT/releases/tag/v1.9.2
fixed_packages
0
url pkg:pypi/agixt@1.9.2
purl pkg:pypi/agixt@1.9.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/agixt@1.9.2
aliases CVE-2026-39981, GHSA-5gfj-64gh-mgmw
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-azbj-5ph5-kqcu
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/agixt@1.6.0