AstrBot Project v3.5.22 has an arbitrary file read vulnerability in function encode image bs64. Since the encode image bs64 function defined in entities.py opens the image specified by the user in the request body and returns the image content as a base64-encoded string without checking the legitimacy of the image path, attackers can construct a series of malicious URLs to read any specified file, resulting in sensitive data leakage.