CVE-2026-4963
MEDIUMhuggingface smolagents Incomplete Fix CVE-2025-9959 local_python_executor.py evaluate_with code injection
Title source: cnaDescription
A weakness has been identified in huggingface smolagents 1.25.0.dev0. This affects the function evaluate_augassign/evaluate_call/evaluate_with of the file src/smolagents/local_python_executor.py of the component Incomplete Fix CVE-2025-9959. This manipulation causes code injection. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
References (7)
Core 7
Core References
Vdb Entry, Technical Description vdb-entry
technical-description
VDB-353840 | huggingface smolagents Incomplete Fix CVE-2025-9959 local_python_executor.py evaluate_with code injection
https://vuldb.com/?id.353840
Signature, Permissions Required signature
permissions-required
VDB-353840 | CTI Indicators (IOB, IOC, TTP, IOA)
https://vuldb.com/?ctiid.353840
Third Party Advisory third-party-advisory
Submit #777623 | HuggingFace smolagents 1.25.0.dev0 CWE-693
https://vuldb.com/?submit.777623
Third Party Advisory third-party-advisory
Submit #777643 | HuggingFace smolagents 1.25.0.dev0 CWE-693 (Duplicate)
https://vuldb.com/?submit.777643
Third Party Advisory third-party-advisory
Submit #777644 | HuggingFace smolagents 1.25.0.dev0 CWE-693 (Duplicate)
https://vuldb.com/?submit.777644
Scores
CVSS v3
6.3
EPSS
0.0057
EPSS Percentile
42.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-74
CWE-94
Status
published
Products (3)
huggingface/smolagents
1.25.0 dev0
huggingface/smolagents
1.25.0.dev0
pypi/smolagents
0 - 1.25.0.dev0PyPI
Published
Mar 27, 2026
Tracked Since
Mar 29, 2026