PT-2025-39925 · Agentapi · Agentapi

Eharris128 · Published 2025-09-29 · Updated 2025-10-27 · CVE-2025-59956

CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: AgentAPI versions 0.3.3 and below

Description: AgentAPI, an HTTP API for Claude Code, Goose, Aider, Gemini, Amp, and Codex, is susceptible to a client-side DNS rebinding attack when hosted over plain HTTP on localhost. An attacker can gain access to the /messages endpoint served by the Agent API, potentially leading to the unauthorized exfiltration of sensitive user data, including local message history. This message history may contain secret keys, file system contents, and intellectual property. The root cause is missing validation of the Origin and Host headers.

Recommendations: Upgrade to AgentAPI version 0.4.0 or later.
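The missing check described above, as an added Go example that is not AgentAPI's own code: a middleware that accepts only requests whose Host header (and Origin header, when a browser sends one) names the loopback host, which a page loaded from a rebinding domain cannot present. The handler names and the port 3284 appearing in comments are assumptions, not taken from the project.

```go
package main

import (
	"net"
	"net/http"
	"net/url"
	"strings"
)

// Hostnames a browser legitimately uses to reach a loopback-bound service.
// After a DNS rebind the browser still sends the attacker's domain in Host
// and Origin, so neither header can match this set.
var loopbackHosts = map[string]bool{"localhost": true, "127.0.0.1": true, "::1": true}

// hostAllowed drops an optional port ("localhost:3284", "[::1]:3284"; the
// port is an assumed example) and checks the remaining name against loopbackHosts.
func hostAllowed(host string) bool {
	if h, _, err := net.SplitHostPort(host); err == nil {
		host = h
	}
	return loopbackHosts[strings.ToLower(strings.Trim(host, "[]"))]
}

// originAllowed accepts a missing Origin (non-browser clients such as curl
// do not send one) and otherwise requires an http(s) origin on a loopback
// host; the opaque "null" origin and foreign sites are rejected.
func originAllowed(origin string) bool {
	if origin == "" {
		return true
	}
	u, err := url.Parse(origin)
	if err != nil || (u.Scheme != "http" && u.Scheme != "https") {
		return false
	}
	return hostAllowed(u.Host)
}

// rebindGuard refuses any request whose Host or Origin header does not name
// a loopback host, before the wrapped handler (e.g. /messages) ever runs.
func rebindGuard(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !hostAllowed(r.Host) || !originAllowed(r.Header.Get("Origin")) {
			http.Error(w, "forbidden: unexpected Host or Origin header", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}
```

Wrap the server's mux with rebindGuard so the check runs for every route, not only /messages.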

Weakness Enumeration

Authentication Bypass by Spoofing

Related Identifiers

CVE-2025-59956
GHSA-W64R-2G3W-W8W4
GO-2025-3991
OPENSUSE-SU-2025:15666-1
SUSE-SU-2025:3799-1

Affected Products

Agentapi