PatchSiren cyber security CVE debrief
CVE-2026-16077 AstrBotDevs CVE debrief
A vulnerability was found in AstrBotDevs AstrBot up to 4.25.5. The function _normalize_rw_path in the file astrbot/core/tools/computer_tools/fs.py is impacted, leading to a link following issue. The attack requires local access and has been made public. Users of AstrBotDevs AstrBot up to 4.25.5 should be aware of this vulnerability and take necessary precautions. The vendor was contacted early about this disclosure but did not respond in any way.
- Vendor
- AstrBotDevs
- Product
- AstrBot
- CVSS
- LOW 1.9
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-18
- Original CVE updated
- 2026-07-18
- Advisory published
- 2026-07-18
- Advisory updated
- 2026-07-18
Who should care
Users of AstrBotDevs AstrBot up to 4.25.5 should be aware of this vulnerability and take necessary precautions. The vulnerability has a low CVSS score, but it is still important to review and verify affected AstrBotDevs AstrBot installations. Operators, platform administrators, vulnerability management teams, and security teams should review the vulnerability and its impact.
Technical summary
The vulnerability is caused by a link following issue in the _normalize_rw_path function of the astrbot/core/tools/computer_tools/fs.py file in AstrBotDevs AstrBot up to 4.25.5. The attack requires local access and has been made public. The vulnerability has a low CVSS score due to the local access requirement. To address this vulnerability, users should review and verify affected AstrBotDevs AstrBot installations. Operators, platform administrators, vulnerability management teams, and security teams should assess the impact and implement compensating controls to limit local access to sensitive areas. The affected product is AstrBotDevs AstrBot up to 4.25.5, and users should be aware of this vulnerability and take necessary precautions.
Defensive priority
Low priority due to local access requirement and low CVSS score.
Recommended defensive actions
- Inventory and verify affected AstrBotDevs AstrBot installations up to 4.25.5.
- Apply vendor patches or updates when available.
- Implement compensating controls to limit local access to sensitive areas.
- Review and verify the affected scope and vendor guidance.
- Monitor relevant logs and detection systems for exposed assets.
- Track exceptions and retest remediated assets.
- Plan vendor-supported updates or mitigations through normal change control.
Evidence notes
The CVE record was published on 2026-07-18T07:16:39.290Z and has not been modified since then. The NVD entry is currently Received. The evidence is limited, and defenders should verify the affected scope and vendor guidance. The vulnerability has been made public, and its impact is currently being reviewed.
Official resources
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-18T07:16:39.290Z and has not been modified since then. The NVD entry is currently Received.