Name: Smolagents
Author: Huggingface

🔍 What is Smolagents?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2025-5120

CRITICAL CVSS 10.0 Jul 27, 2025

This CVE describes a critical sandbox escape vulnerability in huggingface/smolagents version 1.14.0 that allows attackers to bypass execution restrictions and achieve remote code execution (RCE). The ...

CVE-2026-2654

MEDIUM CVSS 6.3 Feb 18, 2026

This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in huggingface smolagents 1.24.0. Attackers can exploit the LocalPythonExecutor component to make unauthorized requests from the v...

CVE-2025-11844

MEDIUM CVSS 5.4 Oct 22, 2025

Hugging Face Smolagents version 1.20.0 contains an XPath injection vulnerability in the search_item_ctrl_f function that allows attackers to inject malicious XPath syntax. This enables bypassing searc...