CVE-2025-10965 | LazyAGI LazyLLM up to 0.6.1 server.py lazyllm_call deserialization (Issue 764)

Inserito da Angelo Barbosa | Set 25, 2025 | CVE

A vulnerability labeled as critical has been found in LazyAGI LazyLLM up to 0.6.1. Affected by this issue is the function lazyllm_call of the file lazyllm/components/deploy/relay/server.py. Such manipulation leads to deserialization.

This vulnerability is uniquely identified as CVE-2025-10965. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2025-10965 | LazyAGI LazyLLM up to 0.6.1 server.py lazyllm_call deserialization (Issue 764)

Post correlati

CVE-2025-34104 | Piwik Web Analytics Platform up to 3.0.2 unrestricted upload

CVE-2024-11840 | RapidLoad Plugin up to 2.4.2 on WordPress Setting sql injection

CVE-2025-49511 | uxper Civi Framework Plugin up to 2.1.6 on WordPress cross-site request forgery

CVE-2024-25960 | Dell PowerScale OneFS up to 9.3.0.0/9.4.0.16/9.5.0.7/9.7.0.1 cleartext transmission (dsa-2024-115)