agno

PyPI2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting agnopage 1 of 1

CVE-2025-64168HIGHCVSS 7.1EG 7.1✓ Fixed in 2.2.2
2025-10-31
vulnerable: 2.0.0 ... 2.2.1 (25 versions)
Agno is a multi-agent framework, runtime and control plane. From 2.0.0 to before 2.2.2, under high concurrency, when session_state is passed to Agent or Team during run or arun calls, a race condition can occur, causing a session_state to …
CVE-2026-35002CRITICALCVSS 9.8EG 9.8✓ Fixed in 2.3.24
2026-04-02
vulnerable: 0.0.1 ... 2.3.9 (169 versions)
Agno versions prior to 2.3.24 contain an arbitrary code execution vulnerability in the model execution component that allows attackers to execute arbitrary Python code by manipulating the field_type parameter passed to eval(). Attackers ca…

Check whether agno is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for agno CVEs against the assets you own.

Start Free Scan →