EUVD-2026-36285

Vim is an open source, command line text editor. Prior to version 9.2.0597, Vim's Python omni-completion executes reconstructed function and class definitions from the current buffer with exec as part of populating the completion dictionary. Python evaluates function default values, parameter...

(0Day) Foundation Agents MetaGPT actionoutput_str_to_mapping Code Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this vulnerability. The specific flaw exists within the actionoutputstrtomapping function. The issue results from the lack of prop...

EUVD-2025-30970

Malicious code in bioql PyPI...

PYSEC-2025-177

Pycel through 1.0b30, when operating on an untrusted spreadsheet, allows code execution via a crafted formula in a cell, such as one beginning with the =IFA1=200, eval"import'os'.system substring...

GHSA-3RCW-9P9X-582V Code injection in `saved_model_cli`

Impact TensorFlow's savedmodelcli tool is vulnerable to a code injection as it calls eval on user supplied strings python def preprocessinputexprsargstringinputexprsstr: ... for inputraw in filterbool, inputexprsstr.split';': ... inputkey, expr = inputraw.split'=', 1 inputdictinputkey = evalexpr...