CVE-2026-4963

A weakness has been identified in huggingface smolagents 1.25.0.dev0. This affects the function evaluateaugassign/evaluatecall/evaluatewith of the file src/smolagents/localpythonexecutor.py of the component Incomplete Fix CVE-2025-9959. This manipulation causes code injection. It is possible to...

GHSA-54FQ-V6X8-244G Hugging Face Smolagents has an Injection issue

A weakness has been identified in huggingface smolagents 1.25.0.dev0. This affects the function evaluateaugassign/evaluatecall/evaluatewith of the file src/smolagents/localpythonexecutor.py of the component Incomplete Fix CVE-2025-9959. This manipulation causes code injection. It is possible to...

CVE-2026-4963

A weakness has been identified in huggingface smolagents 1.25.0.dev0. This affects the function evaluateaugassign/evaluatecall/evaluatewith of the file src/smolagents/localpythonexecutor.py of the component Incomplete Fix CVE-2025-9959. This manipulation causes code injection. It is possible to...

CVE-2026-4963 huggingface smolagents Incomplete Fix CVE-2025-9959 local_python_executor.py evaluate_with code injection

A weakness has been identified in huggingface smolagents 1.25.0.dev0. This affects the function evaluateaugassign/evaluatecall/evaluatewith of the file src/smolagents/localpythonexecutor.py of the component Incomplete Fix CVE-2025-9959. This manipulation causes code injection. It is possible to...

CVE-2026-4963

CVE-2026-4963 affects huggingface smolagents 1.25.0.dev0, specifically the LocalPythonExecutor in src/smolagents/local_python_executor.py (evaluate_augassign/evaluate_call/evaluate_with). Root cause is a code injection vulnerability that can be triggered remotely. Public exploits exist; multiple ...

CVE-2026-4963 huggingface smolagents Incomplete Fix CVE-2025-9959 local_python_executor.py evaluate_with code injection

A weakness has been identified in huggingface smolagents 1.25.0.dev0. This affects the function evaluateaugassign/evaluatecall/evaluatewith of the file src/smolagents/localpythonexecutor.py of the component Incomplete Fix CVE-2025-9959. This manipulation causes code injection. It is possible to...

PT-2026-28689

A weakness has been identified in huggingface smolagents 1.25.0.dev0. This affects the function evaluate augassign/evaluate call/evaluate with of the file src/smolagents/local python executor.py of the component Incomplete Fix CVE-2025-9959. This manipulation causes code injection. It is possible...

Hugging Face Smolagents has a Server-Side Request Forgery issue

A weakness has been identified in huggingface smolagents 1.24.0. Impacted is the function requests.get/requests.post of the component LocalPythonExecutor. Executing a manipulation can lead to server-side request forgery. It is possible to launch the attack remotely. The exploit has been made...

CVE-2026-2654

Affects huggingface smolagents 1.24.0. The LocalPythonExecutor uses requests.get/post, enabling remote SSRF via manipulation of outbound requests. Public PoC/exploit exists; vendor did not respond. Remediation not provided in the sources; no fixed version is listed for smolagents. Monitor for upd...

smolagents 安全漏洞

smolagents is a basic library for agents, open-sourced by Hugging Face. Version 1.24.0 of smolagents contains a security vulnerability. This vulnerability stems from improper request handling in the LocalPythonExecutor component, which may lead to server-side request forgeing attacks...

agentengine (>=0.1.5 <=0.1.8), iflow-mcp-maxim-saplin-mcp-safe-local-python-executor (=0.1.0) +11 more potentially affected by CVE-2025-5120 via smolagents (>=0.1.3 <=1.16.1)

smolagents PYPI version =0.1.3, =0.1.5, =0.1.0, =0.1.1, =0.1.1, =0.1.0, =0.16.0, =0.0.1.dev0, =0.0.1, =0.3.0, =0.3.7 Source cves: CVE-2025-5120 Source advisory: OSV:GHSA-6V92-R5MX-H5FX...

Arbitrary Code Execution

Overview smolagents is a 🤗 smolagents: a barebones library for agents. Agents write python code to call tools or orchestrate other agents. Affected versions of this package are vulnerable to Arbitrary Code Execution due to allowing access to Python builtins in localpythonexecutor.py, and only...