{"id":"PYSEC-2021-65","details":"GramAddict through 1.2.3 allows remote attackers to execute arbitrary code because of use of UIAutomator2 and ATX-Agent. The attacker must be able to reach TCP port 7912, e.g., by being on the same Wi-Fi network.","aliases":["CVE-2020-36245","GHSA-q5h6-49gg-2wfg"],"modified":"2026-06-10T17:01:50.491552547Z","published":"2021-02-17T22:15:00Z","references":[{"type":"REPORT","url":"https://github.com/GramAddict/bot/issues/134"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-q5h6-49gg-2wfg"}],"affected":[{"package":{"name":"gramaddict","ecosystem":"PyPI","purl":"pkg:pypi/gramaddict"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.4"}]}],"versions":["1.2.0","1.2.0b1","1.2.0b2","1.2.0b3","1.2.1","1.2.2","1.2.3"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/gramaddict/PYSEC-2021-65.yaml"}}],"schema_version":"1.7.5"}