4 matches found
agentic-layer-testbench (>=0.9.1 <=0.9.3), agentic-qa (>=0.1.0 <=0.2.1) +56 more potentially affected by CVE-2026-6587 via ragas (>=0.2.6 <=0.4.3)
ragas PYPI version =0.2.6, =0.9.1, =0.1.0, =0.1.2, =0.1.0a1, =1.0.8, =0.1.6, =11.1.12, =0.20.24, =0.1.1, =1.0.0, =1.1.0, =0.1.0, =0.1.0, =0.1.4 and more Source cves: CVE-2026-6587 Source advisory: OSV:GHSA-95WW-475F-PR4F...
agentic-layer-testbench (>=0.9.1 <=0.9.3), agentic-qa (>=0.1.0 <=0.2.1) +56 more potentially affected by CVE-2025-45691 +1 more via ragas (>=0.2.6 <=0.4.3)
ragas PYPI version =0.2.6, =0.9.1, =0.1.0, =0.1.2, =0.1.0a1, =1.0.8, =0.1.6, =11.1.12, =0.20.24, =0.1.1, =1.0.0, =1.1.0, =0.1.0, =0.1.0, =0.1.4 and more Source cves: CVE-2025-45691, CVE-2026-6587 Source advisory: SNYK:PYTHON-RAGAS-16134617...
CVE-2026-6587
A security flaw has been discovered in vibrantlabsai RAGAS up to 0.4.3. The affected element is the function tryprocesslocalfile/tryprocessurl of the file src/ragas/metrics/collections/multimodalfaithfulness/util.py of the component Collections Module. Performing a manipulation of the argument...
CVE-2026-6587
CVE-2026-6587 affects vibrantlabsai RAGAS