11 matches found
CLEANSTART-2026-VB45003 Security fixes for CVE-2026-34986, ghsa-78h2-9frx-2jm8 applied in versions: 0.48.1-r0
Multiple security vulnerabilities affect the melange package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-27952
Agenta is an open-source LLMOps platform. In Agenta-API prior to version 0.48.1, a Python sandbox escape vulnerability existed in Agenta's custom code evaluator. Agenta used RestrictedPython as a sandboxing mechanism for user-supplied evaluator code, but incorrectly whitelisted the numpy package ...
PYSEC-2026-6
Agenta is an open-source LLMOps platform. In Agenta-API prior to version 0.48.1, a Python sandbox escape vulnerability existed in Agenta's custom code evaluator. Agenta used RestrictedPython as a sandboxing mechanism for user-supplied evaluator code, but incorrectly whitelisted the numpy package ...
PYSEC-2026-6
Agenta is an open-source LLMOps platform. In Agenta-API prior to version 0.48.1, a Python sandbox escape vulnerability existed in Agenta's custom code evaluator. Agenta used RestrictedPython as a sandboxing mechanism for user-supplied evaluator code, but incorrectly whitelisted the numpy package ...
EUVD-2026-8814
Agenta is an open-source LLMOps platform. In Agenta-API prior to version 0.48.1, a Python sandbox escape vulnerability existed in Agenta's custom code evaluator. Agenta used RestrictedPython as a sandboxing mechanism for user-supplied evaluator code, but incorrectly whitelisted the numpy package ...
PT-2026-22102
Name of the Vulnerable Software and Affected Versions: Agenta-API versions prior to 0.48.1
Description: Agenta is an open-source LLMOps platform. In Agenta-API versions prior to 0.48.1, a Python sandbox escape existed in Agenta's custom code evaluator. The platform used RestrictedPython as a...
CVE-2026-24905
Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. The ig binary provides a subcommand for image building, used to generate custom gadget OCI images. A part of this functionality is implemented in the file...
CVE-2026-24905 Inspektor Gadget has a Command Injection vulnerability in Makefile.build
Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. The ig binary provides a subcommand for image building, used to generate custom gadget OCI images. A part of this functionality is implemented in the file...
Inspector Gadget operating system command injection vulnerability
Inspector Gadget is a set of tools and frameworks based on eBPF developed by Inspector Gadget Inc. Versions of Inspector Gadget prior to 0.48.1 contained a vulnerability related to operating system command injection. This vulnerability stemmed from improper embedding of user-controlled data durin...
PT-2026-5359
Name of the Vulnerable Software and Affected Versions: Inspektor Gadget versions prior to 0.48.1
Description: Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. The ig binary includes a subcommand for image...
CVE-2010-4098
monotone before 0.48.1, when configured to allow remote commands, allows remote attackers to cause a denial of service (crash) via an empty argument to the mtn command...