Path Traversal Vulnerability in Pydantic AI Framework
CVE-2026-25640
What is CVE-2026-25640?
Pydantic AI, a framework for developing applications with Generative AI, contains a path traversal vulnerability in its web UI across versions 1.34.0 to 1.50.0. This issue allows attackers to craft malicious URLs that result in the serving of arbitrary JavaScript, potentially compromising user data. Specifically, the vulnerability arises due to insufficient validation of a version query parameter used to construct CDN URLs. Attackers can exploit this flaw to execute malicious code within a victim's browser, leading to unauthorized access to sensitive client-side information such as chat histories. This issue affects applications utilizing the Agent.to_web and clai web functionalities, whether run locally or deployed remotely. Users are advised to upgrade to version 1.51.0 or later to mitigate the risk.
Affected Version(s)
pydantic-ai >= 1.34.0, < 1.51.0
