CVE-2025-9959

Published September 3rd, 2025

View on NVD ↗

CVSS v3

7.6

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

Incomplete validation of dunder attributes allows an attacker to escape from the Local Python execution environment sandbox, enforced by smolagents. The attack requires a Prompt Injection in order to trick the agent to create malicious code.

huggingface/smolagents

🤗 smolagents: a barebones library for agents that think in code.

GitHub

27.8K