CVE-2025-6167 | themanojdesai python-a2a up to 0.5.5 api.py create_workflow path traversal (Issue 40)

A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0.5.5. Affected is the function create_workflow of the file python_a2a/agent_flow/server/api.py. The manipulation leads to path traversal.

This vulnerability is traded as CVE-2025-6167. The attack can only be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More