{"data":{"id":"2b4ea032-689e-488a-8731-5f12d6f623b4","title":"GHSA-4xgf-cpjx-pc3j: pydantic-settings: NestedSecretsSettingsSource follows symlinks outside secrets_dir, enabling local file read and bypassing secrets_dir_max_size","summary":"A vulnerability in pydantic-settings' `NestedSecretsSettingsSource` (a feature that reads secret values from files in a directory) allows an attacker who can place symbolic links (shortcuts that point to other locations on the system) inside the configured secrets directory to make the application read files outside that directory. The same flaw also bypasses `secrets_dir_max_size`, a size limit meant to prevent loading excessively large files, because the size check does not account for the symlink target. This requires `secrets_nested_subdir=True` to be enabled and an attacker with write access to the secrets directory (or the ability to add entries to it).","solution":"Upgrade pydantic-settings to 2.14.2 or later, the first release outside the affected range. Until then, only enable `secrets_nested_subdir=True` on a secrets directory that untrusted local users cannot write to, since the issue requires the attacker to add symbolic links there.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-4xgf-cpjx-pc3j","publishedAt":"2026-06-19T22:10:42.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":"medium","severity":"medium","attackType":["data_extraction"],"issueType":"vulnerability","affectedPackages":["pydantic-settings@>= 2.12.0, < 2.14.2 (fixed: 2.14.2)"],"affectedVendors":[],"affectedVendorsRaw":[],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":true,"disclosureDate":"2026-06-19T22:10:42.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}