Security Overview · AstrBotDevs/AstrBot · GitHub

Security

No security policy detected

This project has not set up a SECURITY.md file yet.

Report a vulnerability

RCE with hard-coded JWT signing key
GHSA-4m32-cjv7-f425 published Nov 14, 2025 by Soulter

Critical
Path Traversal Vulnerability in /api/chat/get_file
GHSA-cq37-g2qp-3c2p published Jun 1, 2025 by Soulter

High

Learn more about advisories related to AstrBotDevs/AstrBot in the GitHub Advisory Database