CVE-2025-5321 | aimhubio aim up to 3.29.1 run_view Object /aim/storage/query.py RestrictedPythonQuery sandbox

Inserito da Angelo Barbosa | Mag 29, 2025 | CVE

A vulnerability classified as critical was found in aimhubio aim up to 3.29.1. This vulnerability affects the function RestrictedPythonQuery of the file /aim/storage/query.py of the component run_view Object Handler. The manipulation of the argument Query leads to sandbox issue.

This vulnerability was named CVE-2025-5321. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-5321 | aimhubio aim up to 3.29.1 run_view Object /aim/storage/query.py RestrictedPythonQuery sandbox

Post correlati

CVE-2024-49649 | Abdul Hakeem Build App Online Plugin up to 1.0.23 on WordPress Include/Require filename control

CVE-2025-46552 | Krypto-Hashers-Community KHC-INVITATION-AUTOMATION up to 1.2 API Response information disclosure (GHSA-7mpf-6gg2-2fjp)

CVE-2024-38507 | JetBrains Hub up to 2023.1.15725 Project Description cross site scripting

CVE-2024-11680 | ProjectSend up to r1719 HTTP Request options.php improper authentication