modelscope — Vulnerabilities & Security Advisories 15

Browse all 15 CVE security advisories affecting modelscope. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products modelscope:modelscope/agentscope agentscope ms-agent

CVE ID	Title	CVSS	Severity	Paused
CVE-2026-6606	modelscope agentscope _agent_base.py _process_audio_block server-side request forgery — agentscopeCWE-918	7.3	High	2026-04-20
CVE-2026-6605	modelscope agentscope Internal Service _common.py _get_bytes_from_web_url server-side request forgery — agentscopeCWE-918	7.3	High	2026-04-20
CVE-2026-6604	modelscope agentscope Cloud Metadata Endpoint _openai_tools.py openai_audio_to_text server-side request forgery — agentscopeCWE-918	7.3	High	2026-04-20
CVE-2026-6603	modelscope agentscope _python.py execute_shell_command code injection — agentscopeCWE-94	7.3	High	2026-04-20
CVE-2026-2256	Command injection vulnerability in ModelScope's ms-agent — ms-agent	9.8^AI	Critical^AI	2026-03-02
CVE-2024-8487	CORS Vulnerability in modelscope/agentscope — modelscope/agentscopeCWE-346	9.1	-	2025-03-20
CVE-2024-8556	Stored XSS in modelscope/agentscope — modelscope/agentscopeCWE-79	5.4	-	2025-03-20
CVE-2024-8524	Directory Traversal in modelscope/agentscope — modelscope/agentscopeCWE-22	7.5	-	2025-03-20
CVE-2024-8537	Path Traversal in modelscope/agentscope — modelscope/agentscopeCWE-29	9.1	-	2025-03-20
CVE-2024-8551	Path Traversal in modelscope/agentscope — modelscope/agentscopeCWE-23	9.8	-	2025-03-20
CVE-2024-8438	Path Traversal in modelscope/agentscope — modelscope/agentscopeCWE-22	7.5	-	2025-03-20
CVE-2024-8502	Remote Code Execution via Deserialization in modelscope/agentscope — modelscope/agentscopeCWE-502	9.8	-	2025-03-20
CVE-2024-8489	CSRF due to overly permissive CORS headers in modelscope/agentscope — modelscope/agentscopeCWE-352	6.5	-	2025-03-20
CVE-2024-8501	Arbitrary File Download in modelscope/agentscope — modelscope/agentscopeCWE-36	8.8	-	2025-03-20
CVE-2024-8550	Local File Inclusion (LFI) in modelscope/agentscope — modelscope/agentscopeCWE-497	7.5	-	2025-02-10

This page lists every published CVE security advisory associated with modelscope. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Support Us — Your donation helps us keep running

modelscope — Vulnerabilities & Security Advisories 15