CVE-2025-2733: A vulnerability classified as critical has been found in mannaandpoem OpenManus up to 2025.3.13. This affects an unknown
mediumvulnerability
security
Summary
A critical vulnerability (CVE-2025-2733) was found in mannaandpoem OpenManus up to version 2025.3.13 in the file app/tool/python_execute.py. The vulnerability allows OS command injection (running unauthorized system commands), which can be triggered remotely by someone with login access. The exploit has been publicly disclosed, and the vendor has not responded to early notification.
Vulnerability Details
CVSS Score
6.3(medium)
EPSS (30-day exploit probability)
EPSS: 0.4%
Classification
Attack SophisticationModerate
Impact (CIA+S)
integrityavailability
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-2733
First tracked: February 15, 2026 at 08:52 PM
Classified by LLM (prompt v3) · confidence: 85%