6 matches found
CVE-2026-25580
Pydantic AI is a Python agent framework for building applications and workflows with Generative AI. From 0.0.26 to before 1.56.0, aServer-Side Request Forgery SSRF vulnerability exists in Pydantic AI's URL download functionality. When applications accept message history from untrusted sources,...
CVE-2026-25580
Pydantic AI is a Python agent framework for building applications and workflows with Generative AI. From 0.0.26 to before 1.56.0, aServer-Side Request Forgery SSRF vulnerability exists in Pydantic AI's URL download functionality. When applications accept message history from untrusted sources,...
CVE-2026-25580
Pydantic AI has an SSRF vulnerability in its URL download path. From version 0.0.26 up to, but not including, 1.56.0, untrusted message history can cause the server to fetch URLs that reach internal resources or cloud metadata, exposing internal services or cloud credentials. The issue affects ap...
GHSA-2JRP-274C-JHV3 Pydantic AI has Server-Side Request Forgery (SSRF) in URL Download Handling
Summary A Server-Side Request Forgery SSRF vulnerability exists in Pydantic AI's URL download functionality. When applications accept message history from untrusted sources, attackers can include malicious URLs that cause the server to make HTTP requests to internal network resources, potentially...
Pydantic AI has Server-Side Request Forgery (SSRF) in URL Download Handling
Summary A Server-Side Request Forgery SSRF vulnerability exists in Pydantic AI's URL download functionality. When applications accept message history from untrusted sources, attackers can include malicious URLs that cause the server to make HTTP requests to internal network resources, potentially...
PT-2026-6846
Summary A Server-Side Request Forgery SSRF vulnerability exists in Pydantic AI's URL download functionality. When applications accept message history from untrusted sources, attackers can include malicious URLs that cause the server to make HTTP requests to internal network resources, potentially...