pkg:PyPI/smolagents

5 total CVEsCRITICAL2MEDIUM3

✅ Check your installed version

All known vulnerabilities

  • CRITICAL10.0CVE-2025-14931Hugging Face smolagents: Unsafe deserialization in Remote Python Executor leads to RCE
    from 0, <= 1.23.0
  • CRITICAL9.9CVE-2025-5120smolagents has Sandbox Escape Vulnerability in the local_python_executor.py Module
    from 0, < 1.17.0
  • MEDIUM6.3CVE-2026-4963Hugging Face Smolagents has an Injection issue
    from 0, <= 1.25.0.dev0
  • MEDIUM6.3CVE-2026-2654Hugging Face Smolagents has a Server-Side Request Forgery issue
    from 0, <= 1.24.0
  • MEDIUM5.4CVE-2025-11844Hugging Face Smolagents XPath injection vulnerability in the search_item_ctrl_f function
    from 0, < 1.22.0