Package impact
PIP / smolagents
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-4963 | critical | 10.0 | 10.0 | 2mo ago | Hugging Face Smolagents has an Injection issue | |
| CVE-2026-2654 | critical | 9.8 | 9.8 | 3mo ago | Hugging Face Smolagents has a Server-Side Request Forgery issue | |
| CVE-2025-14931 | critical | — | 9.5 | 5mo ago | Hugging Face smolagents: Unsafe deserialization in Remote Python Executor leads to RCE |