| CVE |
Severity |
CVSS |
Risk |
Published |
Description |
Impact |
| CVE-2026-4963 |
critical |
10.0 |
10.0 |
2mo ago |
Hugging Face Smolagents has an Injection issue |
|
| CVE-2026-2654 |
critical |
9.8 |
9.8 |
3mo ago |
Hugging Face Smolagents has a Server-Side Request Forgery issue |
|
| CVE-2025-14931 |
critical |
— |
9.5 |
5mo ago |
Hugging Face smolagents: Unsafe deserialization in Remote Python Executor leads to RCE |
|
| CVE-2025-11844 |
unknown |
— |
— |
7mo ago |
Hugging Face Smolagents XPath injection vulnerability in the search_item_ctrl_f function |
|
| CVE-2025-5120 |
unknown |
— |
— |
10mo ago |
smolagents has Sandbox Escape Vulnerability in the local_python_executor.py Module |
|