CNNVD-202602-1353 Information

CNNVD ID

CNNVD-202602-1353

Related CVE

CVE-2026-25904

• CNNVD Published: 2026-02-09

Description (Chinese)

pydantic-ai是Pydantic开源的一个用于构建生产级应用程序和工作流的生成式AI框架。 pydantic-ai存在代码问题漏洞，该漏洞源于Deno沙箱配置过于宽松，可能导致服务端请求伪造攻击。

Description (English)

Pydantic-ai is a production-based AI framework for the construction of production-level applications and workflows. Pydantic-ai has a code loophole, which stems from the looseness of the Dino sandbox configuration, which may lead the service to request a false attack.

Vulnerability Type

代码问题

Affected Vendor

Pydantic

Published

2026-02-09

Last Modified

2026-02-24

References

https://research.jfrog.com/vulnerabilities/mcp-run-python-deno-ssrf-jfsa-2026-001653029/ https://access.redhat.com/security/cve/cve-2026-25904