Lucene search
K

10 matches found

NVD
NVD
added 2026/03/27 5:16 p.m.5 views

CVE-2026-4963

A weakness has been identified in huggingface smolagents 1.25.0.dev0. This affects the function evaluateaugassign/evaluatecall/evaluatewith of the file src/smolagents/localpythonexecutor.py of the component Incomplete Fix CVE-2025-9959. This manipulation causes code injection. It is possible to...

10CVSS0.00575EPSS
Exploits1References7
Veracode
Veracode
added 2025/02/28 5:23 a.m.11 views

Out-of-bounds Write

Vyper is vulnerable to Out-of-bounds Write. The vulnerability is due to improper bounds validation due to the caching of the target location in an AugAssign statement, which prevents re-evaluating the bounds check when modifying a DynArray...

9.1CVSS6.6AI score0.00527EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/23 10:26 p.m.20 views

CVE-2025-27105

A flaw was found in Vyper, a Pythonic Smart Contract Language for the EVM. This vulnerability allows out-of-bounds writes via improper bounds checking when modifying a DynArray using an augmented assignment AugAssign. Mitigation Mitigation for this issue is either not available or the currently...

9.1CVSS9.1AI score0.00527EPSS
Exploits1References4
OSV
OSV
added 2025/02/21 10:43 p.m.2 views

GHSA-4W26-8P97-F4JP AugAssign evaluation order causing OOB write within the object in Vyper

Vyper handles AugAssign statements by first caching the target location to avoid double evaluation. However, in the case when target is an access to a DynArray and the rhs modifies the array, the cached target will evaluate first, and the bounds check will not be re-evaluated during the write...

2.3CVSS5.9AI score0.00527EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2025/02/21 10:43 p.m.26 views

AugAssign evaluation order causing OOB write within the object in Vyper

Vyper handles AugAssign statements by first caching the target location to avoid double evaluation. However, in the case when target is an access to a DynArray and the rhs modifies the array, the cached target will evaluate first, and the bounds check will not be re-evaluated during the write...

9.1CVSS7AI score0.00527EPSS
Exploits1References4Affected Software1
PyPA
PyPA
added 2025/02/21 10:15 p.m.10 views

PYSEC-2025-31

vyper is a Pythonic Smart Contract Language for the EVM. Vyper handles AugAssign statements by first caching the target location to avoid double evaluation. However, in the case when target is an access to a DynArray and the rhs modifies the array, the cached target will evaluate first, and the...

9.1CVSS6.8AI score0.00527EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2025/02/21 10:15 p.m.16 views

CVE-2025-27105

vyper is a Pythonic Smart Contract Language for the EVM. Vyper handles AugAssign statements by first caching the target location to avoid double evaluation. However, in the case when target is an access to a DynArray and the rhs modifies the array, the cached target will evaluate first, and the...

9.1CVSS0.00527EPSS
Exploits1References1
CVE
CVE
added 2025/02/21 9:27 p.m.89 views

CVE-2025-27105

CVE-2025-27105 concerns vyper, a Pythonic smart contract language for the EVM. The issue arises in AugAssign handling when the target is an access to a dynamic array (DynArray); if the right-hand side modifies the array, the target is cached and the bounds check may not be re-evaluated during the...

9.1CVSS6.5AI score0.00527EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2025/02/21 9:27 p.m.8 views

CVE-2025-27105 AugAssign evaluation order causing OOB write within the object in Vyper

vyper is a Pythonic Smart Contract Language for the EVM. Vyper handles AugAssign statements by first caching the target location to avoid double evaluation. However, in the case when target is an access to a DynArray and the rhs modifies the array, the cached target will evaluate first, and the...

2.3CVSS8.6AI score0.00527EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/02/21 9:27 p.m.10 views

CVE-2025-27105 AugAssign evaluation order causing OOB write within the object in Vyper

vyper is a Pythonic Smart Contract Language for the EVM. Vyper handles AugAssign statements by first caching the target location to avoid double evaluation. However, in the case when target is an access to a DynArray and the rhs modifies the array, the cached target will evaluate first, and the...

2.3CVSS9.3AI score0.00527EPSS
Exploits1References1
Rows per page
Query Builder