Code Execution Vulnerability in PySpector Static Analysis Tool
CVE-2026-41206
6.9 MEDIUM
What is CVE-2026-41206?
PySpector, a static analysis security testing framework for Python, has a vulnerability in its plugin security validation mechanism in versions prior to 0.1.8. The blocklist in the 'validate_plugin_code' function is incomplete and can be bypassed by attackers, potentially leading to arbitrary code execution when malicious plugins are installed and executed. Version 0.1.8 fixes the issue.
Affected Version(s)
PySpector < 0.1.8
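
A check for the affected range above, as an added example that is not part of the advisory or of PySpector's own code. It assumes the pip distribution name is `pyspector`; the requirement lines are constructed sample input.

```python
import re
from importlib import metadata

FIXED = (0, 1, 8)        # first fixed release, per the advisory
DIST_NAME = "pyspector"  # assumption: normalized distribution name used by pip
REQ = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?\s*(?:==\s*([^\s;#,]+))?")
PRE = re.compile(r"[-_.]?(a|b|c|rc|alpha|beta|pre|preview|dev)\d*", re.I)

def status(version_text):
    """Classify a version string as 'affected', 'fixed' or 'unknown'."""
    m = re.match(r"\s*v?(\d+(?:\.\d+)*)(.*)", version_text)
    if not m:
        return "unknown"
    release = tuple(int(p) for p in m.group(1).split("."))
    release += (0,) * (3 - len(release))   # so that 0.1 compares as 0.1.0
    # A pre-release of 0.1.8 sorts before 0.1.8, so treat it as affected.
    is_pre = bool(PRE.match(m.group(2).strip()))
    if release < FIXED or (release == FIXED and is_pre):
        return "affected"
    return "fixed"

def audit_requirements(lines):
    """Return (line, status) for every requirement line naming the package."""
    findings = []
    for line in lines:
        m = REQ.match(line)
        if not m or re.sub(r"[-_.]+", "-", m.group(1)).lower() != DIST_NAME:
            continue
        pin = m.group(2)
        # Without an exact pin the resolved version is not known from the file.
        findings.append((line.strip(), status(pin) if pin else "unpinned"))
    return findings

def installed_status():
    """Status of the copy installed in the current environment."""
    try:
        return status(metadata.version(DIST_NAME))
    except metadata.PackageNotFoundError:
        return "not installed"

# Constructed requirements.txt content, for illustration only.
SAMPLE = ["requests==2.31.0", "PySpector==0.1.7", "pyspector>=0.1.0",
          "# pyspector==0.1.8", "pyspector-extras==0.1.0"]

if __name__ == "__main__":
    print("installed:", installed_status())
    for line, result in audit_requirements(SAMPLE):
        print(f"{result:9} {line}")
```

Versions are compared as integer tuples, so 0.1.10 is correctly treated as later than 0.1.8.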
