CVE-2026-33057

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2026-33057
Mesop is a Python-based UI framework that allows users to build web applications. In versions 1.2.2 and below, an explicit web endpoint inside the ai/ testing module infrastructure directly ingests untrusted Python code strings unconditionally without authentication measures, yielding standard Unrestricted Remote Code Execution. Any individual capable of routing HTTP logic to this server block will gain explicit host-machine command rights. The AI codebase package includes a lightweight debugging Flask server inside ai/sandbox/wsgi_app.py. The /exec-py route accepts base_64 encoded raw string payloads inside the code parameter natively evaluated by a basic POST web request. It saves it rapidly to the operating system logic path and injects it recursively using execute_module(module_path...). This issue has been fixed in version 1.2.3.

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://github.com/mesop-dev/mesop/commit/825f55970c20686de3f28e2c66df4d74e9d4db47 Patch
https://github.com/mesop-dev/mesop/security/advisories/GHSA-gjgx-rvqr-6w6v Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:mesop-dev:mesop:*:*:*:*:*:*:*:*
History

24 Mar 2026, 16:04

Type Values Removed Values Added
First Time Mesop-dev mesop
Mesop-dev
References () https://github.com/mesop-dev/mesop/commit/825f55970c20686de3f28e2c66df4d74e9d4db47 - () https://github.com/mesop-dev/mesop/commit/825f55970c20686de3f28e2c66df4d74e9d4db47 - Patch
References () https://github.com/mesop-dev/mesop/security/advisories/GHSA-gjgx-rvqr-6w6v - () https://github.com/mesop-dev/mesop/security/advisories/GHSA-gjgx-rvqr-6w6v - Vendor Advisory
CPE cpe:2.3:a:mesop-dev:mesop:*:*:*:*:*:*:*:*
Summary
  • (es) Mesop es un framework de UI basado en Python que permite a los usuarios construir aplicaciones web. En las versiones 1.2.2 e inferiores, un endpoint web explícito dentro de la infraestructura del módulo de pruebas ai/ ingiere directamente cadenas de código Python no confiables incondicionalmente sin medidas de autenticación, lo que resulta en una Ejecución Remota de Código sin Restricciones estándar. Cualquier individuo capaz de enrutar lógica HTTP a este bloque de servidor obtendrá derechos explícitos de comando de la máquina anfitriona. El paquete de código base de IA incluye un servidor Flask de depuración ligero dentro de ai/sandbox/wsgi_app.py. La ruta /exec-py acepta cargas útiles de cadenas en bruto codificadas en base_64 dentro del parámetro code, evaluadas nativamente por una solicitud web POST básica. Lo guarda rápidamente en la ruta lógica del sistema operativo y lo inyecta recursivamente usando execute_module(module_path...). Este problema ha sido solucionado en la versión 1.2.3.

20 Mar 2026, 08:16

Type Values Removed Values Added
New CVE
Information

Published : 2026-03-20 08:16

Updated : 2026-03-24 16:04

NVD link : CVE-2026-33057

Mitre link : CVE-2026-33057

CVE.ORG link : CVE-2026-33057

JSON object : View

Products Affected

mesop-dev

  • mesop
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')