Vulnerability Details CVE-2025-10097
A vulnerability was identified in SimStudioAI sim up to 1.0.0. This impacts an unknown function of the file apps/sim/app/api/function/execute/route.ts. The manipulation of the argument code leads to code injection. The attack is possible to be carried out remotely.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.7%
CVSS Severity
CVSS v3 Score 6.3
CVSS v2 Score 6.5
References
- https://github.com/simstudioai/sim/issues/961
- https://github.com/simstudioai/sim/issues/961#issuecomment-3215578979
- https://vuldb.com/?ctiid.323058
- https://vuldb.com/?id.323058
- https://vuldb.com/?submit.644954
- https://github.com/simstudioai/sim/issues/961
- https://github.com/simstudioai/sim/issues/961#issuecomment-3215578979