CVE-2026-16073 in AstrBotinfo

Summary

by MITRE • 07/17/2026

A security vulnerability has been detected in AstrBotDevs AstrBot up to 4.25.2. Affected by this issue is the function Star.text_to_image/NetworkRenderStrategy.render of the file astrbot/core/star/base.py of the component T2I Feature. The manipulation leads to cross site scripting. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Analysis

by VulDB Data Team • 07/17/2026

This vulnerability exists within the AstrBotDevs AstrBot application version 4.25.2 and earlier, specifically affecting the text_to_image function within the NetworkRenderStrategy class located in astrbot/core/star/base.py. The issue stems from insufficient input validation and sanitization when processing user-provided text data that is subsequently rendered into images through the T2I Feature component. This flaw creates a cross-site scripting vulnerability that can be exploited remotely by malicious actors who inject malicious code into the text input fields.

The technical implementation of this vulnerability allows attackers to execute arbitrary JavaScript code within the context of other users' browsers when they view rendered images containing malicious payloads. The attack vector operates through the image generation process where user input is directly incorporated into the rendering pipeline without proper sanitization or escaping mechanisms. This type of vulnerability falls under CWE-79 - Cross-site Scripting and aligns with ATT&CK technique T1566.001 - Phishing via Social Media, as it can be leveraged to deliver malicious payloads through image-based content.

The operational impact of this vulnerability is significant as it enables remote code execution in the context of user sessions, potentially allowing attackers to steal session cookies, perform unauthorized actions on behalf of users, or redirect victims to malicious websites. The fact that the exploit has been publicly disclosed and is known to be actively used increases the risk exposure for affected systems. The lack of vendor response to early disclosure attempts suggests potential delays in patch development or deployment, leaving users vulnerable for extended periods.

Organizations utilizing AstrBotDevs AstrBot should immediately implement mitigations including input validation and sanitization for all text inputs processed through the T2I Feature, implementing proper output escaping mechanisms when rendering images, and considering rate limiting for image generation requests. Additionally, network monitoring should be enhanced to detect potential exploitation attempts through anomalous image generation patterns. The vulnerability demonstrates the importance of secure coding practices in image processing components and highlights the need for comprehensive security testing of all user-facing input processing functions. Given the publicly available exploit, immediate remediation is critical to prevent potential compromise of affected systems and user data.

Responsible

VulDB

Disclosure

07/17/2026

Moderation

accepted

CPE

ready

Exploit

Download

EPSS

0.00000

KEV

no

Activities

very low

Sources

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!