{"data":{"id":"452cc94b-6575-4c37-a9c0-092fbfb8a243","title":"CVE-2025-9959: Incomplete validation of dunder attributes allows an attacker to escape from the Local Python execution environment sand","summary":"CVE-2025-9959 is a vulnerability in smolagents (a Python agent library) where incomplete validation of dunder attributes (special Python variables with double underscores, like __import__) allows an attacker to escape the sandbox (a restricted execution environment) if they use prompt injection (tricking the AI into executing malicious commands). The attack requires the attacker to manipulate the agent's input to make it create and run harmful code.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2025-9959","publishedAt":"2025-09-03T17:15:35.737Z","cveId":"CVE-2025-9959","cweIds":["CWE-94"],"cvssScore":"7.6","cvssSeverity":"high","severity":"high","attackType":["prompt_injection"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":["HuggingFace"],"affectedVendorsRaw":["HuggingFace","smolagents"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00036,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-242"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","confidentiality"],"aiComponentTargeted":"agent","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}