Server-Side Request Forgery in Pydantic AI Framework by Pydantic
CVE-2026-25580

8.6HIGH

Key Information:

Vendor

Pydantic

Vendor
CVE Published:
6 February 2026

What is CVE-2026-25580?

The Pydantic AI framework, designed for creating applications with Generative AI, has a Server-Side Request Forgery (SSRF) vulnerability affecting versions from 0.0.26 to prior to 1.56.0. This security flaw allows attackers to exploit the URL download feature by sending malicious URLs when applications handle message history from untrusted sources. If successfully executed, the server can inadvertently make HTTP requests to sensitive internal resources, which may expose crucial internal services and cloud credentials. It is essential for developers to ensure they upgrade to version 1.56.0 or later to safeguard their applications against this vulnerability.

Affected Version(s)

pydantic-ai >= 0.0.26, < 1.56.0

References

CVSS V3.1

Score:
8.6
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.