Local Python Execution Environment Vulnerability in Smolagents by Hugging Face
CVE-2025-9959

7.6HIGH

Key Information:

Status
Vendor: CVE Published:; 3 September 2025

What is CVE-2025-9959?

A vulnerability in Smolagents allows attackers to exploit incomplete validation of dunder attributes, leading to a potential escape from the local Python execution environment sandbox. This escape route depends on executing a Prompt Injection attack, wherein an attacker can trick the agent into generating and executing malicious code. Such vulnerabilities can compromise the security integrity of systems utilizing this product, requiring immediate attention and remediation through the latest patch.

References

https://research.jfrog.com/vulnerabilities/smolagents-loc...

third-party-advisory

https://github.com/huggingface/smolagents/pull/1551

patch

CVSS V3.1

Score:

7.6

Severity:

HIGH

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 3, 2025
Vulnerability Reserved
Sep 3, 2025