17 matches found
CVE-2026-34824
Mesop is a Python-based UI framework that allows users to build web applications. From version 1.2.3 to before version 1.2.5, an uncontrolled resource consumption vulnerability exists in the WebSocket implementation of the Mesop framework. An unauthenticated attacker can send a rapid succession o...
CVE-2026-34824
Mesop is a Python-based UI framework that allows users to build web applications. From version 1.2.3 to before version 1.2.5, an uncontrolled resource consumption vulnerability exists in the WebSocket implementation of the Mesop framework. An unauthenticated attacker can send a rapid succession o...
CVE-2026-34824
CVE-2026-34824 targets the Mesop Python-based UI framework. A vulnerability in the WebSocket handler from version 1.2.3 up to, but not including, 1.2.5 allows an unauthenticated attacker to flood the server with rapid WebSocket messages, causing unbounded thread creation. This thread exhaustion l...
CVE-2026-34824
Mesop is a Python-based UI framework that allows users to build web applications. From version 1.2.3 to before version 1.2.5, an uncontrolled resource consumption vulnerability exists in the WebSocket implementation of the Mesop framework. An unauthenticated attacker can send a rapid succession o...
CVE-2026-34824 Mesop: Unbounded Thread Creation in WebSocket Handler Leads to Denial of Service
Mesop is a Python-based UI framework that allows users to build web applications. From version 1.2.3 to before version 1.2.5, an uncontrolled resource consumption vulnerability exists in the WebSocket implementation of the Mesop framework. An unauthenticated attacker can send a rapid succession o...
GHSA-3JR7-6HQP-X679 Mesop: Unbounded Thread Creation in WebSocket Handler Leads to Denial of Service
Summary An uncontrolled resource consumption vulnerability exists in the WebSocket implementation of the Mesop framework. An unauthenticated attacker can send a rapid succession of WebSocket messages, forcing the server to spawn an unbounded number of operating system threads. This leads to threa...
Mesop 安全漏洞
Mesop is a fast-building Python web application UI framework developed by Mesop OpenSource. Versions of Mesop from 1.2.3 to 1.2.5 contained security vulnerabilities. These vulnerabilities were due to uncontrolled resource consumption issues in the WebSocket implementation. This could allow...
CVE-2026-33057 Mesop Affected by Unauthenticated Remote Code Execution via Test Suite Route /exec-py
Mesop is a Python-based UI framework that allows users to build web applications. In versions 1.2.2 and below, an explicit web endpoint inside the ai/ testing module infrastructure directly ingests untrusted Python code strings unconditionally without authentication measures, yielding standard...
CVE-2026-33057
Mesop is a Python-based UI framework that allows users to build web applications. In versions 1.2.2 and below, an explicit web endpoint inside the ai/ testing module infrastructure directly ingests untrusted Python code strings unconditionally without authentication measures, yielding standard...
CVE-2026-33057 Mesop Affected by Unauthenticated Remote Code Execution via Test Suite Route /exec-py
Mesop is a Python-based UI framework that allows users to build web applications. In versions 1.2.2 and below, an explicit web endpoint inside the ai/ testing module infrastructure directly ingests untrusted Python code strings unconditionally without authentication measures, yielding standard...
CVE-2026-33054
Mesop is a Python-based UI framework that allows users to build web applications. Versions 1.2.2 and below contain a Path Traversal vulnerability that allows any user supplying an untrusted statetoken through the UI stream payload to arbitrarily target files on the disk under the standard...
CVE-2026-33054
Mesop is a Python-based UI framework that allows users to build web applications. Versions 1.2.2 and below contain a Path Traversal vulnerability that allows any user supplying an untrusted statetoken through the UI stream payload to arbitrarily target files on the disk under the standard...
Mesop 代码注入漏洞
Mesop is an open-source UI framework for quickly building Python web applications. Versions of Mesop 1.2.2 and earlier contained a code injection vulnerability. This vulnerability stemmed from the /exec-py endpoint in the ai/test module, which executed unvalidated Python code without any...
Mesop 安全漏洞
Mesop is a fast-building Python web application UI framework developed by Mesop OpenSource. Versions of Mesop 1.2.2 and earlier contained security vulnerabilities. These vulnerabilities were caused by a path traversal issue with the statetoken parameter, which could lead to denial-of-service...
EUVD-2024-2845
Malicious code in bioql PyPI...
CVE-2025-30358
Mesop is a Python-based UI framework. A class pollution vulnerability in Mesop before 0.14.1 allows attackers to overwrite global variables and class attributes at runtime in certain modules, enabling DoS on the server and potential identity confusion (e.g., impersonating assistants or system rol...
CVE-2025-30358 Mesop Class Pollution vulnerability leads to DoS and Jailbreak attacks
Mesop is a Python-based UI framework that allows users to build web applications. A class pollution vulnerability in Mesop prior to version 0.14.1 allows attackers to overwrite global variables and class attributes in certain Mesop modules during runtime. This vulnerability could directly lead to...