Lucene search
K

6 matches found

NVD
NVD
added 2026/02/06 9:16 p.m.10 views

CVE-2026-25580

Pydantic AI is a Python agent framework for building applications and workflows with Generative AI. From 0.0.26 to before 1.56.0, aServer-Side Request Forgery SSRF vulnerability exists in Pydantic AI's URL download functionality. When applications accept message history from untrusted sources,...

8.6CVSS0.00579EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/02/06 9:1 p.m.4 views

CVE-2026-25580

Pydantic AI is a Python agent framework for building applications and workflows with Generative AI. From 0.0.26 to before 1.56.0, aServer-Side Request Forgery SSRF vulnerability exists in Pydantic AI's URL download functionality. When applications accept message history from untrusted sources,...

8.6CVSS5.5AI score0.00579EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/02/06 9:1 p.m.22 views

CVE-2026-25580

Pydantic AI has an SSRF vulnerability in its URL download path. From version 0.0.26 up to, but not including, 1.56.0, untrusted message history can cause the server to fetch URLs that reach internal resources or cloud metadata, exposing internal services or cloud credentials. The issue affects ap...

8.6CVSS5.5AI score0.00579EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2026/02/06 6:32 p.m.10 views

GHSA-2JRP-274C-JHV3 Pydantic AI has Server-Side Request Forgery (SSRF) in URL Download Handling

Summary A Server-Side Request Forgery SSRF vulnerability exists in Pydantic AI's URL download functionality. When applications accept message history from untrusted sources, attackers can include malicious URLs that cause the server to make HTTP requests to internal network resources, potentially...

8.6CVSS5.6AI score0.00579EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/02/06 6:32 p.m.23 views

Pydantic AI has Server-Side Request Forgery (SSRF) in URL Download Handling

Summary A Server-Side Request Forgery SSRF vulnerability exists in Pydantic AI's URL download functionality. When applications accept message history from untrusted sources, attackers can include malicious URLs that cause the server to make HTTP requests to internal network resources, potentially...

8.6CVSS5.6AI score0.00579EPSS
Exploits1References4Affected Software2
Positive Technologies
Positive Technologies
added 2026/02/06 12:0 a.m.7 views

PT-2026-6846

Summary A Server-Side Request Forgery SSRF vulnerability exists in Pydantic AI's URL download functionality. When applications accept message history from untrusted sources, attackers can include malicious URLs that cause the server to make HTTP requests to internal network resources, potentially...

8.6CVSS5.8AI score0.00579EPSS
Exploits1References5
Rows per page
Query Builder