We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-5120

Sandbox Escape Vulnerability in huggingface/smolagents



Description

A sandbox escape vulnerability was identified in huggingface/smolagents version 1.14.0, allowing attackers to bypass the restricted execution environment and achieve remote code execution (RCE). The vulnerability stems from the local_python_executor.py module, which inadequately restricts Python code execution despite employing static and dynamic checks. Attackers can exploit whitelisted modules and functions to execute arbitrary code, compromising the host system. This flaw undermines the core security boundary intended to isolate untrusted code, posing risks such as unauthorized code execution, data leakage, and potential integration-level compromise. The issue is resolved in version 1.17.0.

Reserved 2025-05-23 | Published 2025-07-27 | Updated 2025-07-27 | Assigner @huntr_ai


HIGH: 7.6CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L

Problem types

CWE-94 Improper Control of Generation of Code

Product status

Any version before 1.17.0
affected

References

huntr.com/bounties/63ab1cfe-b573-4cf5-a7d3-fb6c957e34b0

github.com/...ommit/33a942e62b6fbf6a35d41f1c735bda2d64c163d0

cve.org (CVE-2025-5120)

nvd.nist.gov (CVE-2025-5120)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-5120

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.