{"data":{"id":"b2eccf7c-18f6-40ea-8a87-ca54074ecc47","title":"CVE-2026-25640: Pydantic AI is a Python agent framework for building applications and workflows with Generative AI. From 1.34.0 to befor","summary":"Pydantic AI versions 1.34.0 to before 1.51.0 contain a path traversal vulnerability (a flaw where attackers can access files outside intended directories) in the web UI that lets attackers inject malicious JavaScript code by crafting a specially crafted URL. When victims visit this URL or load it in an iframe (an embedded webpage), the attacker's code runs in their browser and can steal chat history and other data, but only affects applications using the Agent.to_web feature or the CLI web serving option.","solution":"This vulnerability is fixed in version 1.51.0. Update Pydantic AI to 1.51.0 or later.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-25640","publishedAt":"2026-02-06T20:16:11.110Z","cveId":"CVE-2026-25640","cweIds":["CWE-22","CWE-79"],"cvssScore":"7.1","cvssSeverity":"high","severity":"high","attackType":["pii_leakage"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":["LangChain"],"affectedVendorsRaw":["Pydantic AI"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00014,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-126","CAPEC-198","CAPEC-86"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}