A vulnerability, which was classified as critical , was found in AstrBotDevs AstrBot 4.23.6 . Affected by this vulnerability is the function _sanitize_prompt_description of the file astrbot/core/skills/skill_manager.py . The manipulation results in injection. This vulnerability was named CVE-2026-10210 . The attack may be performed from remote. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.