CVE-2026-27952P2CRITICALCVSS 9.9fixed in 0.48.12026-02-26
CVE-2026-27952 [CRITICAL] CWE-94 CVE-2026-27952: Agenta is an open-source LLMOps platform. In Agenta-API prior to version 0.48.1, a Python sandbox es
Agenta is an open-source LLMOps platform. In Agenta-API prior to version 0.48.1, a Python sandbox escape vulnerability existed in Agenta's custom code evaluator. Agenta used RestrictedPython as a sandboxing mechanism for user-supplied evaluator code, but incorrectly whitelisted the `numpy` package as safe within the sandbox. This allowed authentica
nvd