CVE-2025-68952

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-68952

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68952.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-68952

Aliases

GHSA-pwcx-28p4-rmq4

Published

2025-12-27T00:37:08.917Z

Modified

2026-03-10T14:47:20.759931Z

Severity

9.3 (Critical) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVSS Calculator

Summary

1-click Remote Code Execution (RCE) vulnerability in Eigent

Details

Eigent is a multi-agent Workforce. In version 0.0.60, a 1-click Remote Code Execution (RCE) vulnerability has been identified in Eigent. This vulnerability allows an attacker to execute arbitrary code on the victim's machine or server through a specific interaction (1-click). This issue has been patched in version 0.0.61.

Database specific

{
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-94"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68952.json"
}

References

Affected packages

Git / github.com/eigent-ai/eigent

Affected ranges

Type

GIT

Repo

https://github.com/eigent-ai/eigent

Events

Introduced

Last affected

cf003632c8e09c0ccf0a11b0330053418f3c8f55

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "= 0.0.60"
        }
    ]
}

Affected versions

v0.*

v0.0.1-test

v0.0.10-test

v0.0.11-test

v0.0.12-test

v0.0.13-test

v0.0.14-test

v0.0.15-test

v0.0.16-test

v0.0.17-test

v0.0.18-test

v0.0.19-test

v0.0.2-test

v0.0.20-test

v0.0.21-test

v0.0.22-test

v0.0.23-test

v0.0.24-test

v0.0.25-test

v0.0.26-test

v0.0.27-test

v0.0.28-test

v0.0.29-test

v0.0.3-test

v0.0.30-test

v0.0.4-test

v0.0.5-test

v0.0.51

v0.0.52

v0.0.53

v0.0.53-test

v0.0.54

v0.0.54-test

v0.0.55

v0.0.55-test

v0.0.56-test

v0.0.57

v0.0.58

v0.0.59

v0.0.6-test

v0.0.60

v0.0.7-test

v0.0.8-test

v0.0.9-test

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68952.json"