Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
AgentatechAgenta

2 matches found

CVE
CVEadded 2026/02/26 1:38 a.m.16 views

CVE-2026-27952

Summary of CVE-2026-27952 (Agenta) : The vulnerability affects the Agenta-API (self-hosted API server) prior to version 0.48.1. A Python sandbox escape in the custom code evaluator used RestrictedPython, but the sandbox allowlist erroneously included the numpy package. This allowed authenticated ...

9.9CVSS6.3AI score0.00497EPSS
CVE
CVEadded 2026/02/26 1:39 a.m.11 views

CVE-2026-27961

Agenta (open-source LLMOps platform) has a Server-Side Template Injection (SSTI) vulnerability in API server evaluator templates for versions prior to 0.86.8. The vulnerable code runs server-side within the API process (SDK code executed server-side) and does not affect standalone SDK usage; impa...

8.8CVSS5.6AI score0.00318EPSS