Plateforme
python
Composant
langroid
Corrigé dans
0.59.33
0.59.32
CVE-2026-25481 represents a critical Remote Code Execution (RCE) vulnerability affecting Langroid versions up to 0.9.5. This flaw stems from a bypass of a previous fix (CVE-2025-46724) within the TableChatAgent, enabling attackers to execute arbitrary code. The vulnerability is due to flawed input validation in the pandas_eval tool, allowing malicious expressions to be evaluated, and is addressed in version 0.59.32.
The impact of CVE-2026-25481 is severe. An attacker can exploit this vulnerability to execute arbitrary code on the system running Langroid. This could lead to complete system compromise, including data theft, modification, or destruction. The ability to bypass the existing WAF highlights the sophistication of the attack vector. Successful exploitation could allow an attacker to gain persistent access to the system, potentially moving laterally to other resources within the network. This vulnerability shares similarities with other code injection flaws where whitelisted functions are chained to gain access to restricted functionalities.
CVE-2026-25481 was publicly disclosed on 2026-02-02. The vulnerability's severity is CRITICAL (CVSS score 9.5). Public proof-of-concept (PoC) code is likely to emerge given the bypass nature of the vulnerability. It is recommended to monitor security advisories and threat intelligence feeds for any indications of active exploitation. The vulnerability is not currently listed on the CISA KEV catalog.
Organizations deploying Langroid agents, particularly those using the TableChatAgent feature, are at risk. Environments where Langroid is integrated with sensitive data or critical infrastructure are especially vulnerable. Users relying on older, unpatched versions of Langroid are also at significant risk.
• python / server:
import os
import subprocess
def check_langroid_version():
try:
result = subprocess.check_output(['pip', 'show', 'langroid'], stderr=subprocess.STDOUT, text=True)
for line in result.splitlines():
if 'Version:' in line:
version = line.split('Version:')[1].strip()
if version <= '0.9.5':
return True
else:
return False
except FileNotFoundError:
return False
if check_langroid_version():
print("Langroid version is vulnerable.")
else:
print("Langroid version is not vulnerable.")• linux / server:
ps aux | grep -i langroid
journalctl -u langroid | grep -i "pandas_eval"disclosure
patch
Statut de l'Exploit
EPSS
0.02% (percentile 5%)
CISA SSVC
The primary mitigation for CVE-2026-25481 is to immediately upgrade Langroid to version 0.59.32 or later. If upgrading is not immediately feasible, consider implementing stricter input validation on the TableChatAgent's input. While a direct WAF bypass is present, adding additional filtering rules to block suspicious dunder attribute access (e.g., init, globals, builtins) might offer a temporary layer of defense. Monitor system logs for any unusual activity related to the pandas_eval tool or TableChatAgent. After upgrading, confirm the fix by attempting to trigger the vulnerability with known malicious input and verifying that it is blocked.
Actualice la biblioteca Langroid a la versión 0.59.32 o superior. Esto corregirá la vulnerabilidad de omisión de WAF que permite la ejecución remota de código. La actualización se puede realizar utilizando el gestor de paquetes de Python, pip, ejecutando el comando: `pip install --upgrade langroid`.
Analyses de vulnérabilités et alertes critiques directement dans votre boîte mail.
CVE-2026-25481 is a CRITICAL Remote Code Execution vulnerability in Langroid versions up to 0.9.5, allowing attackers to execute arbitrary code due to a bypass of a previous fix.
You are affected if you are using Langroid version 0.9.5 or earlier. Immediately upgrade to version 0.59.32 or later to mitigate the risk.
Upgrade Langroid to version 0.59.32 or later. If immediate upgrade is not possible, implement stricter input validation on the TableChatAgent.
While active exploitation is not confirmed, the CRITICAL severity and bypass nature of the vulnerability suggest a high likelihood of exploitation. Monitor for any suspicious activity.
Refer to the Langroid project's official security advisories and release notes for the most up-to-date information: [https://github.com/langroid-ai/langroid](https://github.com/langroid-ai/langroid)
Téléverse ton fichier de dépendances et découvre instantanément si cette CVE et d'autres te touchent.
Téléverse ton fichier requirements.txt et nous te dirons instantanément si tu es affecté.