CVE-2025-9959
π΄ HIGHIncomplete validation of dunder attributes allows an attacker to escape from the Local Python execution environment sandbox, enforced by smolagents. The attack requires a Prompt Injection in order to...
Description
Request Expert ReviewIncomplete validation of dunder attributes allows an attacker to escape from the Local Python execution environment sandbox, enforced by smolagents. The attack requires a Prompt Injection in order to trick the agent to create malicious code.
CVSS Scores
References
Additional Information
- Source
- reefs@jfrog.com
- State
- Awaiting analysis
Related CVEs
CVE-2025-13237
HIGHA security flaw has been discovered in itsourcecode Inventory Management System 1.0. Affected is an unknown function of the file /LogSignModal.PHP. Th...
CVE-2025-12482
HIGHThe Booking for Appointments and Events Calendar β Amelia plugin for WordPress is vulnerable to SQL Injection via the βsearchβ parameter in all versio...
CVE-2025-13236
MEDIUMA vulnerability was identified in itsourcecode Inventory Management System 1.0. This impacts an unknown function of the file /admin/products/index.php...
CVE-2025-13235
HIGHA vulnerability was determined in itsourcecode Inventory Management System 1.0. This affects an unknown function of the file /admin/login.php. Executi...
CVE-2025-13234
MEDIUMA vulnerability was found in itsourcecode Inventory Management System 1.0. The impacted element is an unknown function of the file /index.php?q=produc...
CVE-2025-13233
HIGHA vulnerability has been found in itsourcecode Inventory Management System 1.0. The affected element is an unknown function of the file /index.php?q=s...
Share CVE-2025-9959
Share on Social Media
Copy Link
Embed Code
Request Expert Analysis
Request a professional security analysis for CVE-2025-9959 from our verified experts.
Credits System
Use your credits to get expert analysis from verified security professionals. Purchase more credits anytime!