CVE-2025-6283 – Xataio Xata Agent Path Traversal Vulnerability

June 19, 2025

CVE ID : CVE-2025-6283

Published : June 19, 2025, 11:15 p.m. | 3 hours, 25 minutes ago

Description : A vulnerability was found in xataio Xata Agent up to 0.3.0. It has been classified as problematic. This affects the function GET of the file apps/dbagent/src/app/api/evals/route.ts. The manipulation of the argument passed leads to path traversal. Upgrading to version 0.3.1 is able to address this issue. The patch is named 03f27055e0cf5d4fa7e874d34ce8c74c7b9086cc. It is recommended to upgrade the affected component.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6286 – PHPGurukul COVID19 Testing Management System Open Redirect Vulnerability

Next Article CVE-2025-6285 – PHPGurukul COVID19 Testing Management System PHP Cross-Site Scripting Vulnerability

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-6283 – Xataio Xata Agent Path Traversal Vulnerability

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

CVE-2025-4358 – PHPGurukul Company Visitor Management System SQL Injection Vulnerability

CVE-2025-4899 – Campcodes Sales and Inventory System SQL Injection Vulnerability

LangSmith Bug Could Expose OpenAI Keys and User Data via Malicious Agents

CVE-2025-47941 – TYPO3 Backend MFA Bypass Vulnerability

Nottodbox – organize notes, to-dos and diaries

Last Week in AI #306: Astrocade, Llama 4, Nova Act

CVE-2025-40625 – TCMAN GIM Unauthenticated File Upload RCE

How this ‘FinOps for AI’ certification can help you tackle surging AI costs

CVE-2025-6283 – Xataio Xata Agent Path Traversal Vulnerability

Related Posts