Agno session state overwrites between different sessions/users_CVE-2025-64168

7.1 / 10

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N

Description

Agno is a multi-agent framework, runtime and control plane. From 2.0.0 to before 2.2.2, under high concurrency, when session_state is passed to Agent or Team during run or arun calls, a race condition can occur, causing a session_state to be assigned and persisted to the incorrect session. This may result in user data from one session being exposed to another user. This has been patched in version 2.2.2.

Basic Information

ID CVE-2025-64168

Source GitHub_M

Published Oct 31, 2025 at 14:58

Modified Oct 31, 2025 at 15:39

Affected Product

Vendor agno-agi

Product agno

Version >= 2.0.0, < 2.2.2

Affected Versions agno-agi agno >= 2.0.0, < 2.2.2

CWE Classification

CWE-362 CWE-668

References

github.com /agno-agi/agno/security/advisories/GHSA-vw84-hprm-cxmm

{
    "lastseen": "",
    "description": "Agno is a multi-agent framework, runtime and control plane. From 2.0.0 to before 2.2.2, under high concurrency, when session_state is passed to Agent or Team during run or arun calls, a race condition can occur, causing a session_state to be assigned and persisted to the incorrect session. This may result in user data from one session being exposed to another user. This has been patched in version 2.2.2.",
    "published": "2025-10-31T14:58:54.447Z",
    "modified": "2025-10-31T15:39:39.368Z",
    "type": "cve",
    "title": "Agno session state overwrites between different sessions/users",
    "source": "GitHub_M",
    "references": "https://github.com/agno-agi/agno/security/advisories/GHSA-vw84-hprm-cxmm",
    "id": "CVE-2025-64168",
    "bulletinFamily": "",
    "cwe": [
        "CWE-362",
        "CWE-668"
    ],
    "cvelist": null,
    "sourceData": "agno-agi agno >= 2.0.0, < 2.2.2",
    "sourceHref": "",
    "cvss": {
        "score": 7.1,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "agno",
    "version": ">= 2.0.0, < 2.2.2",
    "vendor": "agno-agi",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}