
4 matches found

OSV
added 3 days ago, 5 views

PYSEC-2026-546 PySyft server-side arbitrary Python execution after code approval

PySyft Syft Datasite/Server versions 0.9.5 and earlier are vulnerable to remote code execution due to insufficient validation and sandboxing of user-submitted code. The system allows low-privileged users to submit Python functions via `@sy.syft_function` for remote execution on the server. While a...

CVSS 9.8 | AI score 6.6 | EPSS 0.00631
Exploits: 0 | References: 5
OSV
added 2026/05/12 6:30 p.m., 6 views

GHSA-CFPG-C974-JFHQ PySyft server-side arbitrary Python execution after code approval

PySyft Syft Datasite/Server versions 0.9.5 and earlier are vulnerable to remote code execution due to insufficient validation and sandboxing of user-submitted code. The system allows low-privileged users to submit Python functions via `@sy.syft_function` for remote execution on the server. While a...

CVSS 9.8 | AI score 6.7 | EPSS 0.00631
Exploits: 0 | References: 3
Positive Technologies
added 2026/05/12 12:0 a.m., 15 views

PT-2026-40059

Name of the Vulnerable Software and Affected Versions: PySyft Syft Datasite/Server versions prior to 0.9.6. Description: Insufficient validation and sandboxing of user-submitted code allow remote code execution. Low-privileged users can submit Python functions via `@sy.syft_function` for remote...

CVSS 9.8 | AI score 6.5 | EPSS 0.00631
Exploits: 0 | References: 7
Code423n4
added 2022/03/29 12:0 a.m., 8 views

Must approve 0 first

Lines of code. Vulnerability details. Impact: Some tokens like USDT do not work when changing the allowance from an existing non-zero allowance value. They must first be approved by zero and then the actual allowance must be approved. Proof of Concept. Tools Used: None. Recommended Mitigation Steps: Use...

AI score 6.9
Exploits: 0