Lucene search
K

8 matches found

OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-347 Guardrails AI contains a code injection vulnerability in its Hub package installation mechanism

Guardrails AI thru 0.6.7 contains a code injection vulnerability CWE-94 in its Hub package installation mechanism. When installing validator packages via guardrails hub install, the system retrieves a manifest from the Guardrails Hub and dynamically executes a script specified in the postinstall...

9.8CVSS6.3AI score0.00635EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.16 views

PT-2026-41973

Name of the Vulnerable Software and Affected Versions guardrails-ai version 0.10.1 Description A malicious version of the Python framework was published to PyPI. The package was identified by security researchers and quarantined by PyPI within approximately two hours of publication. Telemetry and...

9.6CVSS5.5AI score0.00276EPSS
Exploits0References15
RedhatCVE
RedhatCVE
added 2026/05/15 1:57 a.m.7 views

CVE-2026-31233

Guardrails AI thru 0.6.7 contains a code injection vulnerability CWE-94 in its Hub package installation mechanism. When installing validator packages via guardrails hub install, the system retrieves a manifest from the Guardrails Hub and dynamically executes a script specified in the postinstall...

9.8CVSS6.3AI score0.00635EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 6:30 p.m.13 views

EUVD-2026-29556

Guardrails AI thru 0.6.7 contains a code injection vulnerability CWE-94 in its Hub package installation mechanism. When installing validator packages via guardrails hub install, the system retrieves a manifest from the Guardrails Hub and dynamically executes a script specified in the postinstall...

6.3AI score0.00635EPSS
Exploits0References3
NVD
NVD
added 2026/05/12 6:16 p.m.10 views

CVE-2026-31233

Guardrails AI thru 0.6.7 contains a code injection vulnerability CWE-94 in its Hub package installation mechanism. When installing validator packages via guardrails hub install, the system retrieves a manifest from the Guardrails Hub and dynamically executes a script specified in the postinstall...

9.8CVSS0.00635EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/12 12:0 a.m.32 views

CVE-2026-31233

Guardrails AI thru 0.6.7 contains a code injection vulnerability CWE-94 in its Hub package installation mechanism. When installing validator packages via guardrails hub install, the system retrieves a manifest from the Guardrails Hub and dynamically executes a script specified in the postinstall...

0.00635EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.12 views

Guardrails 安全漏洞

Guardrails is a Python framework open source by Guardrails AI. Versions of Guardrails 0.6.7 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the Hub package installation mechanism, which retrieved lists from the Guardrails Hub when installing the validationer...

9.8CVSS6AI score0.00635EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.19 views

PT-2026-40120

Name of the Vulnerable Software and Affected Versions Guardrails AI versions prior to 0.6.8 Description A code injection issue exists in the Hub package installation mechanism. When installing validator packages using the command guardrails hub install, the system retrieves a manifest from the...

9.8CVSS6.3AI score0.00635EPSS
Exploits0References7
Rows per page
Query Builder