Platform
python
Component
agenta-api
Fixed version
0.48.2
0.48.1
CVE-2026-27952 describes a Python sandbox escape vulnerability found in Agenta API versions prior to 0.48.1. This flaw allows authenticated users to bypass the intended security restrictions and execute arbitrary code on the API server. The vulnerability stems from an incorrect configuration of the RestrictedPython sandboxing mechanism, which is used to evaluate user-supplied code. A fix is available in version 0.48.1.
An attacker exploiting this vulnerability could gain complete control over the Agenta API server. By injecting malicious code through the evaluator, they could execute arbitrary commands, access sensitive data, and potentially compromise the entire system. The attack path leverages the numpy.ma.core.inspect function, which exposes Python's introspection utilities, providing access to unfiltered modules. This effectively bypasses the intended sandboxing, allowing for unrestricted code execution. The potential impact includes data breaches, system takeover, and denial of service.
CVE-2026-27952 was publicly disclosed on 2026-02-26. Currently, there are no known public exploits or active campaigns targeting this vulnerability. The vulnerability is not listed on the CISA KEV catalog. The ease of exploitation is considered moderate due to the requirement for authenticated access and some familiarity with Python and the Agenta API.
Organizations deploying Agenta API in production environments, particularly those with user-supplied code evaluation features, are at risk. Shared hosting environments where multiple users have access to the Agenta API server are also particularly vulnerable, as a compromised user could potentially exploit the vulnerability to impact other users on the same server.
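• python / server:
    import re
    import subprocess

    FIXED = (0, 48, 1)  # first fixed release according to this advisory

    def check_agenta_version():
        try:
            result = subprocess.check_output(['pip', 'show', 'agenta'], stderr=subprocess.STDOUT)
        except FileNotFoundError:
            print("pip was not found on PATH.")
            return
        except subprocess.CalledProcessError as e:
            # pip show exits non-zero when the package is not installed
            print(f"Agenta is not installed or pip failed: {e}")
            return
        # Read only the Version: line; other fields follow it in pip's output
        match = re.search(r'^Version: (\d+)\.(\d+)\.(\d+)', result.decode('utf-8'), re.MULTILINE)
        if not match:
            print("Could not parse the Agenta version.")
            return
        # Compare as integers; comparing version strings orders them lexicographically
        if tuple(map(int, match.groups())) < FIXED:
            print("Agenta version is vulnerable!")
        else:
            print("Agenta version is patched.")

    check_agenta_version()
• linux / server:
    ps aux | grep -i agenta
    # Check for unusual processes or arguments related to code evaluation
disclosure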
Exploit status
EPSS
0.09% (25th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2026-27952 is to immediately upgrade Agenta API to version 0.48.1 or later. If upgrading is not immediately feasible, consider implementing stricter input validation and sanitization for any user-supplied code passed to the evaluator. While a direct workaround is not available, limiting network access to the Agenta API server can reduce the potential blast radius of a successful exploit. Review and audit all custom code evaluators for similar misconfigurations.
Upgrade Agenta-API to version 0.48.1 or later. This version fixes the Python sandbox escape vulnerability by removing the `numpy` package from the allowlist. Alternatively, consider upgrading to version 0.60 or later, where the RestrictedPython sandbox was replaced with a different execution model.
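For auditing other evaluator allowlists for the same class of misconfiguration, the following added example (not Agenta's code) walks an allowlisted package and reports every module object reachable by attribute access that lies outside the allowlist, which is how numpy.ma.core.inspect exposed the inspect module per this advisory. The package `pkg` is a constructed stand-in, and `leaked_modules` and `build_constructed_package` are hypothetical names.

```python
import inspect
import types

def leaked_modules(root, allowed_prefixes, max_depth=4):
    """Return {dotted_path: module_name} for every module object reachable by
    attribute access from `root` whose name is outside `allowed_prefixes`."""
    def allowed(name):
        return any(name == p or name.startswith(p + ".") for p in allowed_prefixes)

    findings, seen = {}, {id(root)}
    queue = [(root.__name__, root, 0)]
    while queue:
        path, mod, depth = queue.pop(0)
        for attr, value in sorted(vars(mod).items()):
            if not isinstance(value, types.ModuleType):
                continue
            child = f"{path}.{attr}"
            if not allowed(value.__name__):
                # Sandboxed code importing the allowed package can reach this module.
                findings[child] = value.__name__
            elif id(value) not in seen and depth < max_depth:
                seen.add(id(value))
                queue.append((child, value, depth + 1))
    return findings

def build_constructed_package():
    """Constructed stand-in for an allowlisted package (not numpy itself):
    pkg.ma.core holds a reference to the standard-library inspect module."""
    pkg = types.ModuleType("pkg")
    ma = types.ModuleType("pkg.ma")
    core = types.ModuleType("pkg.ma.core")
    core.inspect = inspect       # the leak: a module outside the allowlist
    core.helper = lambda x: x    # ordinary attribute, ignored by the audit
    ma.core = core
    pkg.ma = ma
    return pkg

if __name__ == "__main__":
    for path, name in leaked_modules(build_constructed_package(), ["pkg"]).items():
        print(f"{path} -> module '{name}' is outside the allowlist")
```

The walk covers module-to-module attribute references only, so an empty result does not by itself show that an allowlist is safe.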
CVE-2026-27952 is a HIGH severity vulnerability in Agenta API versions ≤ 0.48.1 that allows authenticated users to bypass the code sandbox and execute arbitrary code on the server due to an incorrect numpy package whitelisting.
If you are running Agenta API versions prior to 0.48.1, you are affected by this vulnerability. Assess your deployments immediately.
Upgrade Agenta API to version 0.48.1 or later to remediate the vulnerability. If upgrading is not immediately possible, implement stricter input validation and restrict network access.
As of the current disclosure date, there are no known public exploits or active campaigns targeting CVE-2026-27952, but vigilance is advised.
Refer to the official Agenta project documentation and security advisories for the most up-to-date information regarding CVE-2026-27952.